4076 matches found
CVE-2025-27795 vulnerabilities
Vulnerabilities for packages: graphicsmagick...
GHSA-VP98-W2P3-MV35 vulnerabilities
Vulnerabilities for packages: druid...
GHSA-6HWG-W5JG-9C6X vulnerabilities
Vulnerabilities for packages: rancher-machine, docker-machine-driver-harvester...
GHSA-PPM8-GJFW-8977 vulnerabilities
Vulnerabilities for packages: ffmpeg...
GHSA-2VQ7-8VVF-W66V vulnerabilities
Vulnerabilities for packages: exim...
GHSA-F7VH-QWP3-X37M vulnerabilities
Vulnerabilities for packages: druid...
CVE-2025-1686 vulnerabilities
Vulnerabilities for packages: dependency-track...
mingw-libpng security update
1.6.34-1 - Rebase to version 1.6.34 - Fix the following CVEs CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 - Resolves: RHEL-131458 - Resolves: RHEL-131471 - Resolves: RHEL-133229...
firefox: thunderbird: Same-origin policy bypass in the Request Handling component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Request Handling component...
firefox: thunderbird: Privilege escalation in the Netmonitor component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Netmonitor component...
CVE-2025-69223
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory...
libtiff: Libtiff Write-What-Where
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controll...
GHSA-WCJ4-JW5J-44WH vulnerabilities
Vulnerabilities for packages: tritonserver-backend-vllm-cuda-12.9, authentik, authentik-fips, localstack, py3-vllm-cuda-12.4...
CVE-2025-68756
In the Linux kernel, the following vulnerability has been resolved: block: Use RCU in blkmqunquiescetagset instead of set-taglistlock blkmqadd,delqueuetagset functions add and remove queues from tagset, the functions make sure that tagset and queues are marked as shared when two or more queues ar...
firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...
firefox: thunderbird: Privilege escalation in the Netmonitor component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Netmonitor component...
firefox: thunderbird: Use-after-free in the WebRTC: Signaling component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the WebRTC: Signaling component...
firefox: thunderbird: Privilege escalation in the Netmonitor component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Netmonitor component...
firefox: thunderbird: Privilege escalation in the DOM: Notifications component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Notifications component...
firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...