EUVD-2016-6976

Malware in sbrugna...

RLSA-2025:7995 Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: A malicious website may exfiltrate data cross-origin CVE-2025-31205 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-31257 For mor...

webkit2gtk3 security update

An update is available for webkit2gtk3. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list WebKitGTK is the port of the portable web rendering engine WebKit to the...

EUVD-2025-27685

Malicious code in bioql PyPI...

EUVD-2025-24597

Malicious code in bioql PyPI...

BIT-GITLAB-2025-2614 Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 11.6 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed an authenticated user to cause a denial of service condition by creating specially crafted content that consumes excessive server resourc...

CVE-2025-2614

An issue has been discovered in GitLab CE/EE affecting all versions from 11.6 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed an authenticated user to cause a denial of service condition by creating specially crafted content that consumes excessive server resourc...

CVE-2025-2614

An issue has been discovered in GitLab CE/EE affecting all versions from 11.6 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed an authenticated user to cause a denial of service condition by creating specially crafted content that consumes excessive server resourc...

UBUNTU-CVE-2025-2614

An issue has been discovered in GitLab CE/EE affecting all versions from 11.6 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed an authenticated user to cause a denial of service condition by creating specially crafted content that consumes excessive server resourc...

CVE-2025-2614 Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 11.6 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed an authenticated user to cause a denial of service condition by creating specially crafted content that consumes excessive server resourc...

CVE-2025-2614

CVE-2025-2614 affects GitLab CE/EE. The issue exists in all versions from 11.6 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2, where an authenticated user could cause a denial of service by submitting specially crafted content that consumes excessive server resources when processed. Th...

CVE-2025-2614 Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 11.6 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed an authenticated user to cause a denial of service condition by creating specially crafted content that consumes excessive server resourc...

CVE-2025-2614

Removed by vendor...

CVE-2025-45479

Insufficient security mechanisms for created containers in educoder challenges v1.0 allow attackers to execute arbitrary code via injecting crafted content into a container...

webkitgtk: Use-after-free leading to arbitrary code execution

A use-after-free issue was found in WebKitGTK and WPE WebKit in versions prior to 2.32.0. Processing maliciously crafted web content may lead to arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

webkitgtk: Buffer overflow leading to arbitrary code execution

A buffer overflow flaw was found in WebKitGTK. Specially crafted web content could use this flaw to trigger an arbitrary code execution when processed...

webkitgtk: Type confusion issue leading to arbitrary code execution

A confusion type flaw was found in WebKitGTK. Specially crafted web content could use this flaw to trigger an arbitrary code execution when processed...

webkitgtk: Use-after-free leading to arbitrary code execution

A use-after-free vulnerability was found in WebKitGTK. The flaw occurs when processing maliciously crafted HTML content in WebKit. This flaw allows a remote attacker to trick the victim into visiting a specially crafted website, triggering memory corruption and executing arbitrary code on the...

webkitgtk: Type confusion leading to arbitrary code execution

A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution...

webkitgtk: memory corruption issue leading to arbitrary code execution

A flaw was found in webkitgtk. Improper input validation leads to a memory corruption vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or perform arbitrary code execution...