2289 matches found
CVE-2026-34718
Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the HTML sanitizer for ticket articles was missing proper sanitization of data: ... URI schemes, resulting in storing such malicious content in the database of the Zammad instance. The Zammad GUI is...
CVE-2026-43965
Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to paths.buildpackagespackage, whi...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper state management...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may disclose internal states of the app
A flaw was found in WebKitGTK. Processing malicious web content can cause a memory initialization issue due to improper memory handling and result in the disclosure of the internal states of the application...
Crash during DNSSEC validation of malicious content
...
CVE-2025-31985
CVE-2025-31985 affects HCL BigFix Service Management (SM). The issue is a security misconfiguration caused by a missing or insecure X-Content-Type-Options header, which could allow browsers to perform MIME-type sniffing and potentially cause malicious content to be interpreted and executed incorr...
CVE-2026-42959
NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...
Astra Linux - уязвимость в webkit2gtk
The issue was addressed through improved checks. This issue is fixed in Safari 18.5, iOS 18.5, iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, and watchOS 11.5. Processing maliciously crafted web content may lead to an unexpected process crash...
Astra Linux - уязвимость в webkit2gtk
This issue has been addressed through improved memory handling. This issue is fixed in Safari 18.5, iOS 18.5, iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, and watchOS 11.5. Processing maliciously crafted web content may lead to an unexpected Safari crash...
Astra Linux - уязвимость в webkit2gtk
A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3, and iPadOS 18.7.3; iOS 26.2, and iPadOS 26.2; as well as macOS Tahoe 26.2. Processing maliciously crafted web content may lead to an unexpected process crash...
Astra Linux - уязвимость в webkit2gtk
A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in Safari 26.1, iOS 18.7.2, and iPadOS 18.7.2; iOS 26.1 and iPadOS 26.1; macOS Tahoe 26.1; visionOS 26.1; and watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected Safa...
Astra Linux - уязвимость в webkit2gtk
The issue was addressed through improved checks. This issue is fixed in Safari 18.5, iOS 18.5, iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, and watchOS 11.5. Processing maliciously crafted web content may lead to memory corruption...
Astra Linux - уязвимость в webkit2gtk
This issue has been resolved through improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6, iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, and watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption...
Astra Linux - уязвимость в webkit2gtk
A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15, and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution...
Astra Linux - уязвимость в webkit2gtk
Multiple memory corruption issues have been resolved through improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, and Security Update 2021-005 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution...
Astra Linux - уязвимость в webkit2gtk
A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in Safari 18.6, iOS 18.6, iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, and watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari cras...
Astra Linux - уязвимость в webkit2gtk
The issue was addressed through improved checks. This issue is fixed in Safari 17.6, iOS 17.6, iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, and watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process crash...