firefox: thunderbird: Integer overflow in the SVG component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the SVG component...

firefox: thunderbird: Integer overflow in the SVG component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the SVG component...

CVE-2025-53884

CVE-2025-53884 concerns NeuVector, where passwords and API keys are stored using a simple, unsalted hash. The provided documents state this scheme is vulnerable to rainbow table attacks (offline hash precomputation), enabling potential credential exposure if hashes are compromised. The NVD entry ...

PT-2025-38279

Name of the Vulnerable Software and Affected Versions: Frappe Learning versions 2.34.1 and below Description: Frappe Learning does not adequately sanitize content uploaded in the profile bio. This allows for the execution of arbitrary scripts in the context of other users through malicious SVG...

Frappe Learning 跨站脚本漏洞

Frappe Learning is an easy-to-use open source learning management system from Frappe Open Source. A cross-site scripting vulnerability exists in Frappe Learning version 2.34.1 and prior versions, which stems from not adequately cleaning up uploaded content in personal profiles, and could lead to ...

SUSE CVE-2023-53184

In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Set new vector length before reallocating As part of fixing the allocation of the buffer for SVE state when changing SME vector length we introduced an immediate reallocation of the SVE state, this is also done when...

SUSE CVE-2025-10533

Integer overflow in the SVG component. This vulnerability was fixed in Firefox 143, Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3...

SUSE CVE-2025-39804

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: arm64/poly1305: Fix register corruption in no-SIMD contexts Restore the SIMD usability check that was removed by commit a59e5468a921 "crypto: arm64/poly1305 - Add block-only interface". This safety check is cheap and ...

ai.ancf.lmos-router:lmos-router-hybrid-spring-boot-starter (=0.28.0), ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (=0.28.0) +18121 more potentially affected by CVE-2025-41249 via org.springframework:spring-core (>=6.0.0 <=6.1.21)

org.springframework:spring-core MAVEN version =6.0.0, =0.1.1, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.1.0, =0.1.0, =0.12.1 - ai.djl.spring:djl-spring-boot-starter-autoconfigure =0.26 - ai.djl.spring:djl-spring-boot-starter-mxnet-auto =0.26 - ai.djl.spring:djl-spring-boot-starter-mxnet-linux-x8664 =0.2...

KLA88014 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerability in...

Mozilla -- integer overflow

[email protected] reports: Integer overflow in the SVG component...

Security Vulnerabilities fixed in Firefox ESR 115.28 — Mozilla

CVE-2025-10533: Integer overflow in the SVG component Reporter Andrew Creskey Impact moderate References Bug 1980788...

Linux Distros Unpatched Vulnerability : CVE-2023-53184

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Set new vector length before reallocating As part of fixing the allocation of the...

SUSE CVE-2022-50252

In the Linux kernel, the following vulnerability has been resolved: igb: Do not free qvector unless new one was allocated Avoid potential use-after-free condition under memory pressure. If the kzalloc fails, qvector will be freed but left in the original adapter-qvectorvidx array position...

DEBIAN-CVE-2023-53184

In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Set new vector length before reallocating As part of fixing the allocation of the buffer for SVE state when changing SME vector length we introduced an immediate reallocation of the SVE state, this is also done when...

CVE-2023-53184

In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Set new vector length before reallocating As part of fixing the allocation of the buffer for SVE state when changing SME vector length we introduced an immediate reallocation of the SVE state, this is also done when...

CVE-2022-50252

In the Linux kernel, the following vulnerability has been resolved: igb: Do not free qvector unless new one was allocated Avoid potential use-after-free condition under memory pressure. If the kzalloc fails, qvector will be freed but left in the original adapter-qvectorvidx array position...

UBUNTU-CVE-2022-50252

In the Linux kernel, the following vulnerability has been resolved: igb: Do not free qvector unless new one was allocated Avoid potential use-after-free condition under memory pressure. If the kzalloc fails, qvector will be freed but left in the original adapter-qvectorvidx array position...

UBUNTU-CVE-2023-53184

In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Set new vector length before reallocating As part of fixing the allocation of the buffer for SVE state when changing SME vector length we introduced an immediate reallocation of the SVE state, this is also done when...

CVE-2023-53184

The CVE-2023-53184 entry concerns a Linux kernel vulnerability in arm64 SME (SVE state handling). The root cause is that the vector length is updated after allocating the SVE state, causing allocation with the old length and potential memory corruption from an undersized buffer. The fix moves the...