12298 matches found
PT-2026-26146
HTSlib is a library for reading and writing bioinformatics file formats. GZI files are used to index block-compressed GZIP BGZF files. In the GZI loading function, bgzf index load hfile, it was possible to trigger an integer overflow, leading to an under- or zero-sized buffer being allocated to...
PT-2026-1017
Name of the Vulnerable Software and Affected Versions eopkg versions prior to 4.4.0 Description eopkg is a package manager for Solus implemented in Python3. A malicious package could bypass the directory restrictions imposed by the --destdir option. Exploitation requires installing a package from...
PT-2026-8217
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the macvlan component, specifically in the macvlan common newlink function. A use-after-free condition can occur when creating a new macvlan link...
PT-2026-28494
Name of the Vulnerable Software and Affected Versions Incus versions prior to 6.23.0 Description Incus lacks validation of the image fingerprint when downloading from simplestreams image servers. This can lead to image cache poisoning, potentially allowing an attacker to provide a compromised ima...
CVE-2025-66863
A flaw was found in BinUtils. Attackers can exploit this vulnerability by providing a specially crafted Portable Executable PE file. This can lead to a denial of service, making the affected application unavailable. Mitigation To reduce the risk of exploitation, users should avoid processing...
CVE-2025-15388
creationtimestamp| type| source ---|---|--- 2025-12-31 08:13:00+00:00| seen| https://www.twcert.org.tw/en/cp-139-10614-dee41-2.html 2025-12-31 09:18:44+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mbbjutbhay2p 2025-12-31 09:48:46+00:00| seen|...
GHSA-59PP-R3RG-353G Composer is vulnerable to ANSI sequence injection
Impact Attackers controlling remote sources that Composer downloads from might in some way inject ANSI control characters in the terminal output of various Composer commands, causing mangled output and potentially leading to confusion or DoS of the terminal application. There is no proven exploit...
Composer is vulnerable to ANSI sequence injection
Impact Attackers controlling remote sources that Composer downloads from might in some way inject ANSI control characters in the terminal output of various Composer commands, causing mangled output and potentially leading to confusion or DoS of the terminal application. There is no proven exploit...
CVE-2025-67746
Composer is a dependency manager for PHP. In versions on the 2.x branch prior to 2.2.26 and 2.9.3, attackers controlling remote sources that Composer downloads from might in some way inject ANSI control characters in the terminal output of various Composer commands, causing mangled output and...
CVE-2025-67746
Composer is a dependency manager for PHP. In versions on the 2.x branch prior to 2.2.26 and 2.9.3, attackers controlling remote sources that Composer downloads from might in some way inject ANSI control characters in the terminal output of various Composer commands, causing mangled output and...
CVE-2025-67746
Composer 2.x is vulnerable to ANSI sequence injection in terminal output when downloading from remote sources. Affected: 2.2.x before 2.2.26 and 2.9.x before 2.9.3. Root cause: remote sources can inject ANSI control characters into command output, potentially causing mangled output and terminal D...
CVE-2025-67746 Composer vulnerable to ANSI sequence injection
Composer is a dependency manager for PHP. In versions on the 2.x branch prior to 2.2.26 and 2.9.3, attackers controlling remote sources that Composer downloads from might in some way inject ANSI control characters in the terminal output of various Composer commands, causing mangled output and...
EUVD-2025-205815
Composer is a dependency manager for PHP. In versions on the 2.x branch prior to 2.2.26 and 2.9.3, attackers controlling remote sources that Composer downloads from might in some way inject ANSI control characters in the terminal output of various Composer commands, causing mangled output and...
CVE-2025-67746 Composer vulnerable to ANSI sequence injection
Composer is a dependency manager for PHP. In versions on the 2.x branch prior to 2.2.26 and 2.9.3, attackers controlling remote sources that Composer downloads from might in some way inject ANSI control characters in the terminal output of various Composer commands, causing mangled output and...
CVE-2025-67746
Composer is a dependency manager for PHP. In versions on the 2.x branch prior to 2.2.26 and 2.9.3, attackers controlling remote sources that Composer downloads from might in some way inject ANSI control characters in the terminal output of various Composer commands, causing mangled output and...
CVE-2025-67746 Composer vulnerable to ANSI sequence injection
Composer is a dependency manager for PHP. In versions on the 2.x branch prior to 2.2.26 and 2.9.3, attackers controlling remote sources that Composer downloads from might in some way inject ANSI control characters in the terminal output of various Composer commands, causing mangled output and...
CVE-2025-69025
creationtimestamp| type| source ---|---|--- 2025-12-30 12:23:40+00:00| seen| https://gist.github.com/Darkcrai86/daf9b003d64856938bf5305af949749a 2025-12-30 13:33:48+00:00| seen| https://gist.github.com/Darkcrai86/51b434e4cdffd09b6493ddb74d99cb19...
CVE-2025-69092
creationtimestamp| type| source ---|---|--- 2025-12-30 12:18:26+00:00| seen| https://gist.github.com/Darkcrai86/6cd20cf5bf45ae912d0cf97f63262313 2025-12-30 13:30:49+00:00| seen| https://gist.github.com/Darkcrai86/5b281448f59e3bbee4200f8c778ec916 2026-01-08 22:13:35+00:00|...
CVE-2025-15359
creationtimestamp| type| source ---|---|--- 2025-12-30 10:28:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mb75dgs3b42x 2025-12-30 11:00:24+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mb7744vb4q2p 2026-01-05 17:01:58+00:00| published-proof-of-concept|...
CVE-2025-61037
creationtimestamp| type| source ---|---|--- 2025-12-30 08:05:47+00:00| seen| https://gist.github.com/GunP4ng/42b19ee99e94c315173b74a9fb26c2b9 2025-12-30 08:33:01+00:00| seen| https://gist.github.com/jc0818/233462416579661e4e2795f96457a6bf 2026-01-02 21:53:17+00:00| seen|...