10 matches found
AZL-74636 CVE-2026-0861 affecting package glibc for versions less than 2.35-9
Passing too large an alignment to the memalign suite of functions memalign, posixmemalign, alignedalloc in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control over both, the size a...
CVE-2025-67712
There is an HTML injection issue in Esri ArcGIS Web AppBuilder developer edition versions prior to 2.30 that allows a remote, unauthenticated attacker to potentially entice a user to click a link that causes arbitrary HTML to render in a victim's browser. There is no evidence of JavaScript...
CVE-2025-67712
CVE-2025-67712 is an HTML injection issue affecting Esri ArcGIS Web AppBuilder developer edition before 2.30. The vulnerability could allow a remote, unauthenticated attacker to entice a user to click a link that causes arbitrary HTML to render in the victim’s browser; there is no evidence of Jav...
CVE-2025-67712 HTML injection issue in ArcGIS Web App Builder
There is an HTML injection issue in Esri ArcGIS Web AppBuilder developer edition versions prior to 2.30 that allows a remote, unauthenticated attacker to potentially entice a user to click a link that causes arbitrary HTML to render in a victim's browser. There is no evidence of JavaScript...
AZL-68775 CVE-2025-11839 affecting package binutils for versions less than 2.37-20
A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tgtagtype of the file prdbg.c. Performing a manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be used for attacks...
GHSA-WJ5C-J656-H5FW Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
In Jenkins before versions 2.44 and 2.32.2, node monitor data could be viewed by low privilege users via the remote API. These included system configuration and runtime information of these nodes SECURITY-343...
UBUNTU-CVE-2020-35496
There's a flaw in bfdpefscanstartaddress of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions...
PT-2019-19426
Name of the Vulnerable Software and Affected Versions GNU C Library aka glibc or libc6 versions prior to 2.30 Description The issue is related to Uncontrolled Recursion in the check dst limits calc pos 1 function in posix/regexec.c. This can be demonstrated by using a crafted pattern '|11' in gre...
PT-2019-5586
Name of the Vulnerable Software and Affected Versions GNU C Library aka glibc or libc6 versions prior to 2.30 Description The issue is related to uncontrolled recursion in the GNU C Library when processing regular expressions. This can lead to a denial of service. The problem arises when the...
CVE-2011-2957
Unspecified vulnerability in Rockwell Automation FactoryTalk Diagnostics Viewer before V2.30.00 CPR9 SR3 allows local users to execute arbitrary code via a crafted FactoryTalk Diagnostics Viewer .ftd configuration file, which triggers memory corruption...