EUVD-2021-18751

Malware in sbrugna...

CVE-2025-31481 GraphQL query operations security can be bypassed

API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. Using the Relay special node type you can bypass the configured security on an operation. This vulnerability is fixed in 4.0.22 and 3.4.17...

CVE-2024-56357 Cross-site Scripting vulnerability through custom widget URLs and form redirect URLs in grist-core

grist-core is a spreadsheet hosting server. A user visiting a malicious document or submitting a malicious form could have their account compromised, because it was possible to use the javascript: scheme with custom widget URLs and form redirect URLs. This issue has been patched in version 1.3.1...

MGASA-2024-0239 Updated python-ansible-core packages fix security vulnerability

ansible-core: possible information leak in tasks that ignore ANSIBLENOLOG configuration CVE-2024-0690...

Updated jupyter-core packages fix security vulnerability

Arbitrary code execution when loading configuration files CVE-2022-39286...

GSD-2022-1003332 pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources()

pinctrl: renesas: core: Fix possible null-ptr-deref in shpfcmapresources This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.46 by commit...

Qualcomm Qualcomm Core Security Vulnerability

Qualcomm Core is a core support firmware used on processors from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Core Services, which arises from improper release of uninitialized memory. The following products and versions are affected: APQ8017, APQ8053, AQT1000, MSM8917,...

Drupal core - Moderately critical - Cross-site scripting - SA-CORE-2020-010

More info at https://www.drupal.org/sa-core-2020-010...