SUSE CVE-2022-1650

Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2...

CVE-2025-14267

CVE-2025-14267 affects M-Files Server prior to version 25.12.15491.7. The issue is incomplete removal of sensitive information before data transfer, enabling potential data-leak exposure. Affected component is the server-side handling of data transfer where sensitive data may remain cached/left b...

EUVD-2025-204453

Incomplete removal of sensitive information before transfer vulnerability in M-Files Corporation M-Files Server allows data leak exposure affecting versions before 25.12.15491.7...

CVE-2025-14267 Unintended temporary cached data included in a structure only copy intended to be empty of data

Incomplete removal of sensitive information before transfer vulnerability in M-Files Corporation M-Files Server allows data leak exposure affecting versions before 25.12.15491.7...

curl: Use-after-free when POST body buffer is freed before transfer

Summary: I locally reproduced a heap use-after-free in libcurl by setting CURLOPTPOSTFIELDSIZE and CURLOPTPOSTFIELDS to a heap buffer and then freeing that buffer before curleasyperform. AddressSanitizer ASan reports a heap-use-after-free read during the request send path. This demonstrates the...