14 matches found
nodejs24 security update
1:24.14.1-2.0.2 - Rebuild to correct NVR 1:24.14.1-2.0.1 - Update upstream references...
Forge has Denial of Service via Infinite Loop in BigInteger.modInverse() with Zero Input
Summary A Denial of Service DoS vulnerability exists in the node-forge library due to an infinite loop in the BigInteger.modInverse function inherited from the bundled jsbn library. When modInverse is called with a zero value as input, the internal Extended Euclidean Algorithm enters an unreachab...
Linux Distros Unpatched Vulnerability : CVE-2026-0943
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz...
SUSE CVE-2026-0943
HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hbsrc.tar.gz in the source tarball, which is affected by CVE-2026-22693...
CVE-2026-0943
HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hbsrc.tar.gz in the source tarball, which is affected by CVE-2026-22693...
CVE-2026-0943
HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hbsrc.tar.gz in the source tarball, which is affected by CVE-2026-22693...
CVE-2026-0943
HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hbsrc.tar.gz in the source tarball, which is affected by CVE-2026-22693...
CVE-2026-0943
The CVE-2026-0943 entry concerns HarfBuzz::Shaper (Perl) with a bundled HarfBuzz library. Versions before 0.032 include HarfBuzz 8.4.0 or earlier in hb_src.tar.gz, which is affected by CVE-2026-22693 due to a null pointer dereference in a subtable cache (SubtableUnicodesCache::create). The vulner...
CVE-2026-0943 HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability
HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hbsrc.tar.gz in the source tarball, which is affected by CVE-2026-22693...
CVE-2026-0943
HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hbsrc.tar.gz in the source tarball, which is affected by CVE-2026-22693...
PT-2025-47557
Multiple plugins and/or themes for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled lightGallery library = 2.8.3 in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2022-4976
Archive::Unzip::Burst from 0.01 through 0.09 for Perl contains a bundled InfoZip library that is affected by several vulnerabilities. The bundled library is affected by CVE-2014-8139, CVE-2014-8140 and CVE-2014-8141...
OPENSUSE-SU-2023:0247-1 Security update for chromium
This update for chromium fixes the following issues: - CVE-2023-4863: temporary build with the bundled library on Leap boo1215231...
Mandriva Linux Security Advisory : libvncserver (MDVSA-2014:168)
An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker CVE-2014-4607. The libvncserver library is built with a bundled copy of minilzo, which is...