CVE-2024-9603 vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-G5C3-FV5W-X2CW vulnerabilities
Vulnerabilities for packages: mysql...
CVE-2025-30349
Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute that may use base64-encoded JavaScript code, as exploited in the wild in March 2025...
GHSA-8C8W-F7WP-2JR2 vulnerabilities
Vulnerabilities for packages: croc...
CVE-2025-2584
A vulnerability was found in WebAssembly wabt 1.0.36. It has been declared as critical. This vulnerability affects the function BinaryReaderInterp::GetReturnCallDropKeepCount of the file wabt/src/interp/binary-reader-interp.cc. The manipulation leads to heap-based buffer overflow. The attack can ...
CVE-2024-9042 vulnerabilities
Vulnerabilities for packages: rancher-webhook-fips, rancher-agent...
CVE-2023-52585 affecting package kernel for versions less than 5.15.176.3-3
CVE-2023-52585 affecting package kernel for versions less than 5.15.176.3-3. A patched version of the package is available...
CVE-2024-41080 affecting package kernel for versions less than 5.15.176.3-1
CVE-2024-41080 affecting package kernel for versions less than 5.15.176.3-1. A patched version of the package is available...
CVE-2025-2338
A vulnerability, which was classified as critical, was found in tbeu matio 1.5.28. Affected is the function strdup_vprintf of the file src/io.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may ...
CVE-2025-2240 vulnerabilities
Vulnerabilities for packages: wildfly, apicurio-registry...
CVE-2025-21749 affecting package kernel for versions less than 6.6.78.1-3
CVE-2025-21749 affecting package kernel for versions less than 6.6.78.1-3. An upgraded version of the package is available that resolves this issue...
CVE-2024-12797 affecting package openssl for versions less than 3.3.3-1
CVE-2024-12797 affecting package openssl for versions less than 3.3.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-1744 affecting package ceph for versions less than 16.2.10-7
CVE-2025-1744 affecting package ceph for versions less than 16.2.10-7. A patched version of the package is available...
CVE-2025-21861
In the Linux kernel, the following vulnerability has been resolved: mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize(). If migration succeeded, we called folio_migrate_flags()->mem_cgroup_migrate() to migrate the memcg from the old to the new folio. This will set memcg_data of the...
CVE-2025-2123
A vulnerability, which was classified as problematic, has been found in GeSHi up to 1.0.9.1. Affected by this issue is the function get_var of the file /contrib/cssgen.php of the component CSS Handler. The manipulation of the argument...
CVE-2024-56739 affecting package kernel for versions less than 5.15.176.3-1
CVE-2024-56739 affecting package kernel for versions less than 5.15.176.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-56723 affecting package kernel for versions less than 5.15.176.3-1
CVE-2024-56723 affecting package kernel for versions less than 5.15.176.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-58080
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: dispcc-sm6350: Add missing parent_map for a clock. If a clk_rcg2 has a parent, it should also have parent_map defined, otherwise we'll get a NULL pointer dereference when calling clk_set_rate like the following: 3.388105 Cal...
CVE-2025-21827
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: Add locks for usb_driver_claim_interface. The documentation for usb_driver_claim_interface says that "the device lock" is needed when the function is called from places other than probe. This appears to be th...
CVE-2025-21826
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject mismatching sum of field_len with set key length. The field length description provides the length of each separated key field in the concatenation, each field gets rounded up to 32-bits to calculate the...