18 matches found
JLSEC-2026-57
Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser...
CVE-2025-64435 affecting package kubevirt for versions less than 1.6.3-1
CVE-2025-64435 affecting package kubevirt for versions less than 1.6.3-1. A patched version of the package is available...
CVE-2025-64436 affecting package kubevirt for versions less than 1.6.3-1
CVE-2025-64436 affecting package kubevirt for versions less than 1.6.3-1. An upgraded version of the package is available that resolves this issue...
AZL-70414 CVE-2025-64324 affecting package kubevirt for versions less than 1.6.3-1
KubeVirt is a virtual machine management add-on for Kubernetes. The hostDisk feature in KubeVirt allows mounting a host file or directory owned by the user with UID 107 into a VM. However, prior to version 1.6.1 and 1.7.0, the implementation of this feature and more specifically the DiskOrCreate...
FORT Validator Security Vulnerability
FORT Validator is a NICMx open source RPKI dependency and RTR server. A security vulnerability exists in FORT Validator versions prior to 1.6.3 that stems from dereferencing pointers...
FORT Validator Security Vulnerability
FORT Validator is a NICMx open source RPKI dependency and RTR server. A security vulnerability exists in FORT Validator versions prior to 1.6.3, which stems from dereferencing a pointer without first cleaning it up...
sshproxy Command Injection Vulnerability
sshproxy is an open source proxy program from cea-hpc. A command injection vulnerability exists in sshproxy versions prior to 1.6.3, which stems from the presence of SSH command injection...
Roundcube Webmail Cross-Site Scripting Vulnerability
Roundcube Webmail is an open source browser-based IMAP client that supports address book management, message searching, spell checking and more. A security vulnerability exists in Roundcube Webmail versions prior to 1.4.14, versions prior to 1.5.4, and versions prior to 1.6.3, which stems from a...
Memcached Command Injection Vulnerability
Memcached is a high-performance distributed memory object caching system developed by Brad Fitzpatrick of the United States. The system reduces the number of database reads by caching data and objects in memory, thus increasing the speed of access to the site. A security...
AZL-13212 CVE-2022-25147 affecting package apr-util for versions less than 1.6.3-1
Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions...
Flarum Security Vulnerability
Flarum is an open source forum system for the Flarum community. A security vulnerability exists in versions prior to Flarum v1.6.3. An attacker exploiting this vulnerability could read restricted/private content and bypass access checks for such content...
Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.
...
ALPINE-CVE-2022-47629
Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser...
cocoapods-downloader Argument Injection Vulnerability
cocoapods-downloader is a small library. It is used to download files from remotes in folders. A security vulnerability exists in cocoapods-downloader, which stems from git parameter injection. The following products and versions are affected: versions prior to 1.6.0, versions prior to 1.6.2, and...
UBUNTU-CVE-2017-11737
interface/js/app/history.js in WebUI in Rspamd before 1.6.3 allows XSS via the Subject and Message-Id headers, which are mishandled in the history page...
jQuery cross-site scripting vulnerability
jQuery is an open source, cross-browser JavaScript library developed by American programmer John Resig. The library simplifies the interaction between HTML and JavaScript, and has modular, plug-in extension and other features. A cross-site scripting vulnerability exists in versions of...
Libgcrypt Local Information Disclosure Vulnerability
Libgcrypt is a general-purpose cryptographic library based on the GnuPG code. The library implements a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, public key algorithms, and more. A local information disclosure vulnerability exists in versions of Libgcryp...
CVE-2011-4969
Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag...