799 matches found
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.3.0.2)
The version of AHV installed on the remote host is prior to AHV-10.3.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.3.0.2 advisory. - There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the...
OESA-2025-2094 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability.
RHEL 10 : thunderbird (RHSA-2025:14844)
The remote Red Hat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:14844 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Denial-of-service due to out-of-memor...
Linux Distros Unpatched Vulnerability : CVE-2022-30775
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by, for example, sending a crafted PDF document to the pdftoppm...
Linux Distros Unpatched Vulnerability : CVE-2020-35920
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the socket2 crate before 0.3.16 for Rust. It has false expectations about the std::net::SocketAddr memory representation...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...
Linux Distros Unpatched Vulnerability : CVE-2022-45412
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing uninitialized memo...
SUSE CVE-2025-55199
Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory (OOM) termination. This issue has been resolved in Helm 3.18.5. A workaround involves...
CVE-2025-8961
A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited...
Linux Distros Unpatched Vulnerability : CVE-2025-37981
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Use is_kdump_kernel() to check for kdump. The smartpqi driver checks the...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.79 bug fix and security update
Red Hat OpenShift Container Platform release 4.12.79 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...
ROS-20250806-10
A vulnerability in the WebRTC technology of the Google Chrome browser is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by using a specially crafted HTML page. A vulnerability in the V8...
PT-2025-32111 · Unknown · Blockchain Keystore
Name of the Vulnerable Software and Affected Versions: Blockchain Keystore versions prior to 1.3.17.2 Description: An out-of-bounds write issue exists in the creation of bitmap images. This can allow a local privileged attacker to write to memory outside of allocated boundaries. Recommendations:...
Linux Distros Unpatched Vulnerability : CVE-2023-52616
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init. When the mpi_ec_ctx structure is...
CVE-2025-54874
OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opj_jp2_read_header may lead to OOB heap memory write when the data stream p_stream is too short and p_image is not initialized...
CVE-2025-54874 OpenJPEG allows OOB heap memory write in opj_jp2_read_header
OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opj_jp2_read_header may lead to OOB heap memory write when the data stream p_stream is too short and p_image is not initialized...
PT-2025-31936
Name of the Vulnerable Software and Affected Versions: OpenJPEG versions 2.5.3 and earlier Description: OpenJPEG is an open-source JPEG 2000 codec. A call to the opj_jp2_read_header function may lead to an out-of-bounds heap memory write when the data stream p_stream is too short and p_image is not...
CVE-2025-50422
CVE-2025-50422 affects Cairo (up to 1.18.4) as used in Poppler (up to 25.08.0). The issue is an assertion failure (unscaled->face == NULL) in _cairo_ft_unscaled_font_fini within cairo-ft-font.c, leading to a crash in affected workflows. Mitigations from connected advisories: update Cairo/Poppl...