13 matches found

CNNVD
added 2026/05/01 12:0 a.m., 4 views

Micro XRCE-DDS Agent security vulnerability

Micro XRCE-DDS Agent is an eProsima open source proxy bridging tool for resource constrained devices to communicate with the DDS world. A security vulnerability exists in Micro XRCE-DDS Agent version 3.0.1 that stems from improper handling of non-valid values in Boolean fields, which could lead t...

CVSS 7.5, AI score 5.8, EPSS 0.00151
Exploits: 0, References: 1
Tenable Nessus
added 2026/01/26 12:0 a.m., 2 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2026-50071)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50071 advisory. 5.4.17-2136.351.3.3 - crypto: af_alg - Fix incorrect boolean values in af_alg_ctx Eric Biggers Orabug: 38884602 CVE-2025-40022 Tenable has extracted the...

AI score 6.7, EPSS 0.00063
Exploits: 0, References: 2
CNNVD
added 2025/10/24 12:0 a.m., 1 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the improper use of boolean values in the af_alg_ctx structure, which could lead to data conversion errors...

AI score 6, EPSS 0.00063
Exploits: 0, References: 8
RedhatCVE
added 2025/09/21 12:11 a.m., 4 views

CVE-2025-57396

Tandoor Recipes 2.0.0-alpha-1, fixed in 2.0.0-alpha-2, is vulnerable to privilege escalation. This is due to the rework of the API, which resulted in the User Profile API Endpoint containing two boolean values indicating whether a user is staff or administrative. Consequently, any user can escala...

CVSS 6.5, AI score 7.1, EPSS 0.00063
Exploits: 1, References: 1
Tenable Nessus
added 2025/08/30 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2018-20200

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CertificatePinner.java in OkHttp 3.x through 3.12.0 allows man-in-the-middle attackers to bypass certificate pinning by changing SSLContext and the boolean valu...

CVSS 5.9, AI score 6.6, EPSS 0.00294
Exploits: 1, References: 2
SUSE CVE
added 2023/02/15 5:10 a.m., 2 views

SUSE CVE-2015-8857

The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean expressions, which might allow attackers to bypass security mechanisms or possibly have unspecified other impact by leveraging improperly rewritten Javascript...

CVSS 9.8, AI score 9.2, EPSS 0.0027
Exploits: 1, References: 3
Oracle linux
added 2021/05/25 12:0 a.m., 26 views

tigervnc security, bug fix, and enhancement update

1.11.0-6 - Use GNOME as default session Resolves: bz1853608 1.11.0-5 - Make sure we log properly output to journal actually log to syslog Resolves: bz1841537 1.11.0-4 - Make sure we log properly output to journal Resolves: bz1841537 1.11.0-3 - vncserver: ignore new 'session' parameter from the ne...

CVSS 8.1, AI score 0.8, EPSS 0.0069
Exploits: 0
OSV
added 2021/02/16 3:15 p.m., 2 views

CVE-2021-25648

Mobile application "Testes de Codigo" 11.4 and prior allows an attacker to gain access to the administrative interface and premium features by tampering the boolean value of parameters "isAdmin" and "isPremium" located on device storage...

CVSS 9.8, AI score 7.3, EPSS 0.00433
Exploits: 0, References: 1
Cvelist
added 2020/02/27 10:39 p.m., 10 views

CVE-2020-9434

openssl_x509_check_ip_asc in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values...

AI score 9.3, EPSS 0.00146
Exploits: 0, References: 1
RedhatCVE
added 2019/05/13 1:50 p.m., 17 views

CVE-2018-20200

CertificatePinner.java in OkHttp 3.x through 3.12.0 allows man-in-the-middle attackers to bypass certificate pinning by changing SSLContext and the boolean values while hooking the application. NOTE: This id is disputed because some parties don't consider this is a vulnerability. Their rationale...

CVSS 5.9, AI score 5.5, EPSS 0.00294
Exploits: 1, References: 3
OSV
added 2017/01/23 9:59 p.m., 1 views

DEBIAN-CVE-2015-8857

The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean expressions, which might allow attackers to bypass security mechanisms or possibly have unspecified other impact by leveraging improperly rewritten Javascript...

CVSS 9.8, AI score 7.5, EPSS 0.0027
Exploits: 1, References: 1
OSV
added 2017/01/23 9:59 p.m., 2 views

UBUNTU-CVE-2015-8857

The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean expressions, which might allow attackers to bypass security mechanisms or possibly have unspecified other impact by leveraging improperly rewritten Javascript...

CVSS 9.8, AI score 7.2, EPSS 0.0027
Exploits: 1, References: 4
CakePHP
added 2016/03/28 12:0 a.m., 20 views

CakePHP 2.8.3, 3.0.18, 3.1.13 and 3.2.6 Released

CakePHP 2.8.3, 3.0.18, 3.1.13 and 3.2.6 Released The CakePHP core team is happy to announce the immediate availability of CakePHP 2.8.3, 3.0.18, 3.1.13, and 3.2.6. These releases contain security fixes. 3.2.6 and 2.8.3 also contain bugfixes. Security Fixes These releases fix a weakness in...

AI score 7.2
Exploits: 0