157563 matches found
CVE-2026-44186
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in the mod_proxy_ftp module in Apache HTTP Server with an attacker-controlled backend FTP server. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
firefox: thunderbird: Use-after-free in the DOM: Networking component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Networking component...
CVE-2026-29170
A cross-site scripting vulnerability exists in mod_proxy_ftp's HTML directory list generation in Apache HTTP Server 2.4.67 and earlier when listing FTP directory contents either via forward or reverse proxy configuration. Users are recommended to upgrade to version 2.4.68, which fixes this issue...
CVE-2026-29167
Use After Free vulnerability in Apache HTTP Server with mod_ldap in per-directory configuration. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
CVE-2020-37248
OfflineIMAP before 8.0.3 trusts the server with their STARTTLS capability prior to authentication, which allows STRIPTLS/man-in-the-middle attacks, taking over the connection and extracting account credentials in cleartext...
firefox: thunderbird: Other issue in the WebRTC component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the WebRTC component...
USN-8403-1: Kea DHCP vulnerability
Ali Norouzi discovered that Kea DHCP did not properly handle maliciously crafted messages over configured API sockets and HA listeners. A remote attacker could possibly use this issue to cause Kea DHCP to crash, resulting in a denial of service...
JLSEC-2026-606
Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an attacker able to connect to a PostgreSQL AF_UNIX socket to achieve sustained denial of service. If SSL and GSS are both disabled, an attacker can do the same via access to a PostgreSQL TCP socket. Versions before PostgreSQL 18....
CVE-2026-8376 vulnerabilities
Vulnerabilities for packages: perl...
GHSA-MPXQ-89H3-QC47 vulnerabilities
Vulnerabilities for packages: perl...
GHSA-PXH5-6RRC-8RJV vulnerabilities
Vulnerabilities for packages: opentofu...
CVE-2026-7598 vulnerabilities
Vulnerabilities for packages: libssh2...
GHSA-JHP3-H4HP-2C3P vulnerabilities
Vulnerabilities for packages: libssh2...
CVE-2026-48112
7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain a heap out-of-bounds read in 7-Zip Ar handler BSD SYMDEF parser. A 4-byte heap out-of-bounds read exists in the Unix ar archive parser in 7-Zip. When parsing a BSD-style .SYMDEF symbol table, the...
GHSA-PXH5-6RRC-8RJV vulnerabilities
Vulnerabilities for packages: opentofu-fips, opentofu...