CVE-2025-6430

When a file download is specified via the Content-Disposition header, that directive would be ignored if the file was included via a embed or object tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability was fixed in Firefox 140, Firefox ESR 128.12,...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: drm/xe/tracing: Fixed a potential UAF Uninitialized Address Fault in TPPrintk. The commit afd2627f727b “tracing: Check “%s” for dereference via the field, not via the TPPrintk format” exposes potential UAFs in the xeboMove tra...

CVE-2025-5020

Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client. This vulnerability was fixed in Firefox for iOS 139...

Canon ImageRunner 安全漏洞

Canon ImageRunner is a series of all-in-one black and white printers from Canon Japan. A security vulnerability exists in Canon ImageRunner that stems from a backporting issue in production printers and multifunction printers...

CVE-2025-3031

An attacker could read 32 bits of values spilled onto the stack in a JIT compiled function. This vulnerability was fixed in Firefox 137 and Thunderbird 137...

CVE-2025-24201

An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.2 and iPadOS 18.3.2, iPadOS 17.7.6, macOS Sequoia 15.3.2, visionOS 2.3.2, watchOS 11.4...

CVE-2024-49570

In the Linux kernel, the following vulnerability has been resolved: drm/xe/tracing: Fix a potential TPprintk UAF The commit afd2627f727b "tracing: Check "%s" dereference via the field and not the TPprintk format" exposes potential UAFs in the xebomove trace event. Fix those by avoiding...

CVE-2024-49570

The CVE is in the Linux kernel DRM- XE tracing code. A potential use-after-free (UAF) arises from TP_printk dereferencing xe_mem_type_to_name[] during tracing of xe_bo_move in the xe trace event, exposing a TP_printk-time UAF. The fix avoids dereferencing xe_mem_type_to_name[] at TP_printk time b...

CVE-2024-49570

In the Linux kernel, the following vulnerability has been resolved: drm/xe/tracing: Fix a potential TPprintk UAF The commit afd2627f727b "tracing: Check "%s" dereference via the field and not the TPprintk format" exposes potential UAFs in the xebomove trace event. Fix those by avoiding...

CVE-2024-49570 drm/xe/tracing: Fix a potential TP_printk UAF

In the Linux kernel, the following vulnerability has been resolved: drm/xe/tracing: Fix a potential TPprintk UAF The commit afd2627f727b "tracing: Check "%s" dereference via the field and not the TPprintk format" exposes potential UAFs in the xebomove trace event. Fix those by avoiding...

CVE-2025-22134

When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visu...

CVE-2024-11236

In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, uncontrolled long string inputs to ldapescape function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write...

Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations

Summary Unclear documentation of the error behavior in ParseWithClaims can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by ParseWithClaims return both error codes. If users only...

CVE-2024-49997 net: ethernet: lantiq_etop: fix memory disclosure

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiqetop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skbputpadto to pad Ethernet frames...

pcp security update

5.3.7-22.0.1 - pcp-zoneinfo fix to replay ol7 archives Orabug: 35903733 - Backporting of python tool pcp-meminfo Orabug: 35759707 - Backporting of python tool pcp-slabinfo Orabug: 35560940 - Backporting of python tool pcp-buddyinfo Orabug: 35660932 - Backporting of python tool pcp-netstat Orabug:...

CVE-2024-40776

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process...

CVE-2022-48786 vsock: remove vsock from connected table when connect is interrupted by a signal

In the Linux kernel, the following vulnerability has been resolved: vsock: remove vsock from connected table when connect is interrupted by a signal vsockconnect expects that the socket could already be in the TCPESTABLISHED state when the connecting task wakes up with a signal pending. If this...

CVE-2024-39371 io_uring: check for non-NULL file pointer in io_file_can_poll()

In the Linux kernel, the following vulnerability has been resolved: iouring: check for non-NULL file pointer in iofilecanpoll In earlier kernels, it was possible to trigger a NULL pointer dereference off the forced async preparation path, if no file had been assigned. The trace leading to that...

pcp security update

5.3.7-20.0.1 - pcp-zoneinfo fix to replay ol7 archives Orabug: 35903733 - Backporting of python tool pcp-meminfo Orabug: 35759707 - Backporting of python tool pcp-slabinfo Orabug: 35560940 - Backporting of python tool pcp-buddyinfo Orabug: 35660932 - Backporting of python tool pcp-netstat Orabug:...

Oracle Linux 8 : pcp (ELSA-2024-3264)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3264 advisory. 5.3.7-20.0.1 - pcp-zoneinfo fix to replay ol7 archives Orabug: 35903733 - Backporting of python tool pcp-meminfo Orabug: 35759707 - Backporting of python tool...