456423 matches found
CVE-2026-11968
Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit...
CVE-2026-11968
CVE-2026-11968 affects TortoiseGitBlame. The issue arises from argument injection via malicious Git history filenames, enabling arbitrary file write in TortoiseGit. The provided sources describe the vulnerability name and impact but do not include concrete exploit details, affected versions, root...
coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification
A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitiv...
SUSE-SU-2026:2619-1 Security update for libpng15
This update for libpng15 fixes the following issues Security issues: - CVE-2025-64720: buffer overflow in pngimagereadcomposite via incorrect palette premultiplication bsc1254159. Non security issue: - version update to 1.5.30 jscPED-16191. Changes for libpng15: - Replaced 'unexpected' with an...
Security update for libpng15
This update for libpng15 fixes the following issues Security issues: CVE-2025-64720: buffer overflow in pngimagereadcomposite via incorrect palette premultiplication bsc1254159. Non security issue: version update to 1.5.30 jscPED-16191. Changes for libpng15: Replaced "unexpected" with an integer ...
DEBIAN-CVE-2026-52932
In the Linux kernel, the following vulnerability has been resolved: xfrm: ipcomp: Free destination pages on acomp errors Move the outfreereq label up by a couple of lines so that the allocated dst SG list gets freed on error as well as success...
CVE-2026-52932
In the Linux kernel, the following vulnerability has been resolved: xfrm: ipcomp: Free destination pages on acomp errors Move the outfreereq label up by a couple of lines so that the allocated dst SG list gets freed on error as well as success...
UBUNTU-CVE-2026-52932
In the Linux kernel, the following vulnerability has been resolved: xfrm: ipcomp: Free destination pages on acomp errors Move the outfreereq label up by a couple of lines so that the allocated dst SG list gets freed on error as well as success...
EUVD-2026-38702
In the Linux kernel, the following vulnerability has been resolved: xfrm: ipcomp: Free destination pages on acomp errors Move the outfreereq label up by a couple of lines so that the allocated dst SG list gets freed on error as well as success...
CVE-2026-52932
In the Linux kernel, the following vulnerability has been resolved: xfrm: ipcomp: Free destination pages on acomp errors Move the outfreereq label up by a couple of lines so that the allocated dst SG list gets freed on error as well as success...
CVE-2026-52932
In CVE-2026-52932, the Linux kernel xfrm IPcomp path contains a fix to ensure that the allocated destination scatter-gather (dst SG) list is freed on error as well as on success, preventing potential resource leaks. The root cause is improper memory deallocation during error handling in the xfrm ...
CVE-2026-52932 xfrm: ipcomp: Free destination pages on acomp errors
In the Linux kernel, the following vulnerability has been resolved: xfrm: ipcomp: Free destination pages on acomp errors Move the outfreereq label up by a couple of lines so that the allocated dst SG list gets freed on error as well as success...
CVE-2026-52932
In the Linux kernel, the following vulnerability has been resolved: xfrm: ipcomp: Free destination pages on acomp errors Move the outfreereq label up by a couple of lines so that the allocated dst SG list gets freed on error as well as success...
MAL-2026-6376 Malicious code in bn-lint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c14057d91b2283926b2b0c1093a66db17c40efbd0ceb21c29b0bdbfa79736da5 Package is published as 'bn-lint' but ships a verbatim copy of MikeMcl/big.js README, source, version banner v7.0.1, and repo URL all identify as...
Malicious code in bn-lint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c14057d91b2283926b2b0c1093a66db17c40efbd0ceb21c29b0bdbfa79736da5 Package is published as 'bn-lint' but ships a verbatim copy of MikeMcl/big.js README, source, version banner v7.0.1, and repo URL all identify as...
Updated podofo packages fix security vulnerabilities
Podofo v0.9.8 shares some of the vulnerable code that was discovered in Podofo v0.10.0. This package fixes that. CVE-2023-31567 Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3. CVE-2023-31568 Podofo v0.10.0 was discovered ...
Updated opensc packages fix security vulnerabilities
These packages fix security vulnerabilities: CVE-2026-10275, A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is...
MGASA-2026-0231 Updated opensc packages fix security vulnerabilities
These packages fix security vulnerabilities: CVE-2026-10275, A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is...
MGASA-2026-0229 Updated podofo packages fix security vulnerabilities
Podofo v0.9.8 shares some of the vulnerable code that was discovered in Podofo v0.10.0. This package fixes that. CVE-2023-31567 Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3. CVE-2023-31568 Podofo v0.10.0 was discovered ...
Open Redirect
Nuxt is vulnerable to open redirect. The vulnerability is due to improper validation of path-normalized URLs in navigateTo, where specially crafted paths can bypass external-host checks after normalization, allowing attackers to redirect users to malicious websites and facilitate phishing attacks...