4447 matches found
GHSA-R6J8-C6R2-37RR vulnerabilities
Vulnerabilities for packages: node-feature-discovery, azuredisk-csi, emissary, node-feature-discovery-fips, eks-distro-fips, blob-csi, argo-cd, blob-csi-fips, nodetaint, azuredisk-csi-fips, cephcsi-fips, ip-masq-agent, mesosphere-vsphere-csi, kubernetes-csi-driver-nfs-fips, volcano,...
webkit: WebKitGTK: Remote user-assisted information disclosure via file drag-and-drop
A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is permitted to read by abusing the file drag-and-drop mechanism, where WebKitGTK does not verify that drag operations originate from outside the browser...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause a buffer overflow due to improper bounds checking and result in an unexpected process crash...
webkit: WebKitGTK: Remote user-assisted information disclosure via file drag-and-drop
A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is permitted to read by abusing the file drag-and-drop mechanism, where WebKitGTK does not verify that drag operations originate from outside the browser...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
ROS-20251217-7313
A vulnerability in the V8 JavaScript script handler of the Google Chrome browser is related to data type mixing errors. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page...
ROS-20251217-7310
A vulnerability in the Mozilla Firefox and Firefox ESR browsers is related to information presentation errors in the user interface. Exploitation of the vulnerability could allow an attacker acting remotely to conduct spoofing attacks...
CVE-2025-53618
An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability. The function grayscaleconvert is called base...
CVE-2025-8114 affecting package libssh for versions less than 0.10.6-5
CVE-2025-8114 affecting package libssh for versions less than 0.10.6-5. A patched version of the package is available...
keylime security update
7.12.1-11.3 - Registrar allows identity takeover via duplicate UUID registration (Resolves: RHEL-130760); 7.12.1-11.2 - Properly fix the malformed certificate workaround (Resolves: RHEL-111244)...
ROS-20251216-7306
A vulnerability in gnuplot is related to insufficient checking for unusual or exceptional states. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20251216-7305
A vulnerability in gnuplot is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20251216-7349
A vulnerability in the Gimp image processing library is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by loading a specially crafted ICNS file...
CVE-2025-31160 affecting package atop for versions less than 2.9.0-2
CVE-2025-31160 affecting package atop for versions less than 2.9.0-2. A patched version of the package is available...
CVE-2025-40331 affecting package kernel for versions less than 6.6.117.1-1
CVE-2025-40331 affecting package kernel for versions less than 6.6.117.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-40240 affecting package kernel for versions less than 6.6.117.1-1
CVE-2025-40240 affecting package kernel for versions less than 6.6.117.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-40040 affecting package kernel for versions less than 6.6.117.1-1
CVE-2025-40040 affecting package kernel for versions less than 6.6.117.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-40343 affecting package kernel for versions less than 6.6.117.1-1
CVE-2025-40343 affecting package kernel for versions less than 6.6.117.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-40321 affecting package kernel for versions less than 6.6.117.1-1
CVE-2025-40321 affecting package kernel for versions less than 6.6.117.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-40178 affecting package kernel for versions less than 6.6.117.1-1
CVE-2025-40178 affecting package kernel for versions less than 6.6.117.1-1. An upgraded version of the package is available that resolves this issue...