157559 matches found
CVE-2025-69652 vulnerabilities
Vulnerabilities for packages: binutils...
CVE-2025-69651 vulnerabilities
Vulnerabilities for packages: binutils...
GHSA-3244-J874-RHC2 vulnerabilities
Vulnerabilities for packages: seata, management-api-for-apache-cassandra-4.0, pinot, apache-hop, tez, thingsboard, apache-hop-fips, trino, management-api-for-apache-cassandra-5.0, pinot-fips, management-api-for-apache-cassandra-4.1, celeborn...
CVE-2026-44250 vulnerabilities
Vulnerabilities for packages: seata, management-api-for-apache-cassandra-4.0, pinot, apache-hop, tez, thingsboard, apache-hop-fips, trino, management-api-for-apache-cassandra-5.0, pinot-fips, management-api-for-apache-cassandra-4.1, celeborn...
GHSA-6GHJ-FRRJ-JJJ3 vulnerabilities
Vulnerabilities for packages: seata, management-api-for-apache-cassandra-4.0, pinot, apache-hop, tez, thingsboard, apache-hop-fips, trino, management-api-for-apache-cassandra-5.0, pinot-fips, management-api-for-apache-cassandra-4.1, celeborn...
CVE-2026-44890 vulnerabilities
Vulnerabilities for packages: seata, management-api-for-apache-cassandra-4.0, pinot, apache-hop, tez, thingsboard, apache-hop-fips, trino, management-api-for-apache-cassandra-5.0, pinot-fips, management-api-for-apache-cassandra-4.1, celeborn...
GHSA-J86X-FWP2-QH7V vulnerabilities
Vulnerabilities for packages: airflow, airflow-core...
CVE-2025-66236 vulnerabilities
Vulnerabilities for packages: airflow, airflow-core...
firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure due to incorrect boundary conditions in the Audio/Video component...
firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure due to incorrect boundary conditions in the Audio/Video component...
firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure due to incorrect boundary conditions in the Audio/Video component...
firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort som...
Updated suricata packages fix security vulnerabilities
Various security, performance, accuracy, and stability issues have been fixed, plus we have moved to a supported version...
CVE-2026-41855
In an untrusted JMS environment, org.springframework.jms.support.converter.MappingJackson2MessageConverter and org.springframework.jms.support.converter.JacksonJsonMessageConverter allow arbitrary class instantiation, which can lead to unauthorized actions via gadget class deserialization. Affect...
CVE-2026-41854
Due to incorrect host parsing, applications that rely on UriComponentsBuilder to parse and validate an externally provided URL string may be exposed to a server-side request forgery SSRF attack. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18...
CVE-2026-41852
A vulnerability in Spring Expression Language SpEL evaluation logic allows for arbitrary zero-argument method invocation, even within restricted or read-only contexts, which may allow an attacker to invoke unintended application logic. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2....
CVE-2026-41849
An integer overflow vulnerability exists in the evaluation logic of the Spring Expression Language SpEL. An attacker can exploit this by supplying a specially crafted SpEL expression that triggers excessive resource consumption, resulting in a Denial of Service DoS. Affected versions: Spring...
CVE-2026-41848
Applications may be vulnerable to a Regular Expression Denial of Service ReDoS attack if an attacker is able to provide a pattern which is then directly or indirectly supplied to one of the following methods in AntPathMatcher: matchString pattern, String path, matchStartString pattern, String pat...
CVE-2026-41845
Due to incorrect escaping, the use of JavaScriptUtils.javaScriptEscape may lead to JavaScript code injection in the browser, potentially resulting in a cross-site scripting XSS vulnerability. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3....
CVE-2026-41843
Spring MVC and WebFlux applications are vulnerable to Path Traversal attacks when resolving static resources. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 through 5.3.48...