Medium: freerdp

Issue Overview: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metablock regionRects coordinates. In...

EUVD-2022-54577

In the Linux kernel, the following vulnerability has been resolved: fscache: Fix invalidation/lookup race If an NFS file is opened for writing and closed, fscacheinvalidate will be asked to invalidate the file - however, if the cookie is in the LOOKINGUP state or the CREATING state, then request ...

Malicious code in sadr-cache-update-module (npm)

The package sadr-cache-update-module was found to contain malicious code...

MAL-2025-32610 Malicious code in sadr-cache-update-module (npm)

The package sadr-cache-update-module was found to contain malicious code...

CVE-2025-38073

In the Linux kernel, the following vulnerability has been resolved: block: fix race between setblocksize and read paths With the new large sector size support, it's now the case that setblocksize can change iblksize and the folio order in a manner that conflicts with a concurrent reader and cause...

CVE-2024-33829

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/readDeal.php?mudi=updateWebCache...

CVE-2025-21933 arm: pgtable: fix NULL pointer dereference issue

In the Linux kernel, the following vulnerability has been resolved: arm: pgtable: fix NULL pointer dereference issue When updatemmucacherange is called by updatemmucache, the vmf parameter is NULL, which will cause a NULL pointer dereference issue in adjustpte: Unable to handle kernel NULL pointe...

DEBIAN-CVE-2022-49655

In the Linux kernel, the following vulnerability has been resolved: fscache: Fix invalidation/lookup race If an NFS file is opened for writing and closed, fscacheinvalidate will be asked to invalidate the file - however, if the cookie is in the LOOKINGUP state or the CREATING state, then request ...

notation-go 安全漏洞

notation-go is a collection of libraries that support signing and validating OCI artifacts for notaryproject individual developers. A security vulnerability exists in notation-go version 1.3.0-rc.1, which stems from a failed CRL cache update operation that results in an unexpected program...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from an invalid parent device port index in the firewire module, resulting in a warning that may be triggered when...

SUSE CVE-2024-47693

In the Linux kernel, the following vulnerability has been resolved: IB/core: Fix ibcachesetupone error flow cleanup When ibcacheupdate return an error, we exit ibcachesetupone instantly with no proper cleanup, even though before this we had already successfully done gidtablesetupone, that results...

AZL-50746 CVE-2024-47693 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: IB/core: Fix ibcachesetupone error flow cleanup When ibcacheupdate return an error, we exit ibcachesetupone instantly with no proper cleanup, even though before this we had already successfully done gidtablesetupone, that results...

CVE-2024-33829

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/readDeal.php?mudi=updateWebCache...

SUSE CVE-2007-6239

The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service crash via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects...

SUSE CVE-2013-5597

Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary...

unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malicious domain names

A flaw was found in Unbound, which is vulnerable to a novel type of "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation information for the subdomain that updates...

Ubuntu: Security Advisory (USN-5474-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: varnish:6 security, bug fix, and enhancement update

An update for the varnish:6 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

User B cannot see a message notification in the Bulletins icon same as user A sees it.

Problem The issue is regarding bulletin board notification when you log into Maximo, a user has created a bulletin board and filled all the details. The Bulletin Board has been published. If another user logs into Maximo, he/she doesn't see the notification on the Bulletin Board icon instantly...

Mozilla Firefox < 25.0 Multiple Vulnerabilities

Binary data 8044.prm...