MiracleLinux 7 : java-11-openjdk-11.0.23.0.9-2.el7 (AXSA:2024-7701:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7701:06 advisory. OpenJDK: long Exception message leading to crash 8319851 CVE-2024-21011 OpenJDK: integer overflow in C1 compiler address generation 8322122...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause JIT issues due to improper checks and result in an unexpected process crash...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause JIT issues due to improper checks and result in an unexpected process crash...

EUVD-2015-0830

Malware in sbrugna...

Important: thunderbird

Issue Overview: Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100. CVE-2022-29912 The parent process would not properly check whether the Speech Synthesis feature is...

Security Vulnerabilities fixed in Firefox ESR 115.21 — Mozilla

In resizeToAtLeast of SkRegion.cpp, there was a possible out of bounds write due to an integer overflow On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. It was possibl...

SUSE-SU-2025:0394-1 Security update for tomcat

This update for tomcat fixes the following issues: - CVE-2024-50379: Fixed remote code execution RCE due to TOCTOU issue in JSP compilation bsc1234663. - CVE-2024-54677: Fixed denial-of-service DoS attack in examples web application bsc1234664...

CVE-2024-54534

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to memory corruption...

SUSE-SU-2024:1573-1 Security update for go1.22

This update for go1.22 fixes the following issues: Update to go1.22.3: - CVE-2024-24787: cmd/go: arbitrary code execution during build on darwin bsc1224017 - CVE-2024-24788: net: high cpu usage in extractExtendedRCode bsc1224018 - cmd/compile: Go 1.22.x failed to be bootstrapped from 386 to ppc64...

CVE-2023-30624 Wasmtime has Undefined Behavior in Rust runtime functions

Wasmtime is a standalone runtime for WebAssembly. Prior to versions 6.0.2, 7.0.1, and 8.0.1, Wasmtime's implementation of managing per-instance state, such as tables and memories, contains LLVM-level undefined behavior. This undefined behavior was found to cause runtime-level issues when compiled...

SUSE-SU-2020:3864-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: -webkit2gtk3 was updated to version 2.30.3 bsc1179122 bsc1179451: - CVE-2021-13543: Fixed a use after free which could have led to arbitrary code execution. - CVE-2021-13584: Fixed a use after free which could have led to arbitrary code...

openSUSE: Security Advisory for nodejs10 (openSUSE-SU-2020:1660-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE-SU-2020:2800-1 Security update for nodejs8

This update for nodejs8 fixes the following issues: - CVE-2020-8174: Fixed multiple memory corruption in napigetvaluestring bsc1172443. - CVE-2020-11080: Fixed a potential denial of service when receiving unreasonably large HTTP/2 SETTINGS frames bsc1172442. - CVE-2020-7598: Fixed an issue which...

Microsoft Windows - Workstation Service WKSSVC Remote (MS03-049)

Microsoft Windows - Workstation Service WKSSVC Remote MS03-049 / Author: snooq Date: 14 November 2003 +++++++++++++ THIS IS A PRIVATE VERSION +++++++++++++++ This is just slightly better than the one I posted to packetstorm.... The public version will crash 'services.exe' immediately while this o...