13 matches found
EUVD-2025-210425
picklescan before 0.0.34 fails to detect the operator.methodcaller built-in function when scanning pickle files for malicious code. Attackers can craft malicious pickle payloads using operator.methodcaller that evade detection and execute arbitrary code when loaded by pickle.load...
SUSE-SU-2026:21880-1 Security update for vim
This update for vim fixes the following issues - CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim bsc1264706. - CVE-2026-43961: Vimscript Code Injection in netrw NetrwMarkFile via crafted filename bsc1265349. -...
Unity Linux 20.1050e / 20.1070e Security Update: perl-Mojolicious (UTSA-2026-016595)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016595 advisory. The Mojolicious module before 9.11 for Perl has a bug in format detection that can potentially be exploited for denial of service. Tenable has extracted the precedin...
EUVD-2025-29442
Malicious code in bioql PyPI...
OESA-2024-1517 perl-Mojolicious security update
Back in the early days of the web there was this wonderful Perl library called CGI, many people only learned Perl because of it. It was simple enough to get started without knowing much about the language and powerful enough to keep you going, learning by doing was much fun. While most of the...
UBUNTU-CVE-2021-47208
The Mojolicious module before 9.11 for Perl has a bug in format detection that can potentially be exploited for denial of service...
ROS-2-853
2.853 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...
ROS-2-2222
2.2222 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-2-1700
2.1700 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...
xorg-x11-server denial of service vulnerability (CNVD-2018-03151)
The xorg-x11-server is an X Window System display server bundled with multiple vendor operating systems. A security vulnerability exists in the XFIXES extension in versions of xorg-x11-server prior to 1.19.5, which stems from a lack of length detection in the program. An attacker can exploit this...
UBUNTU-CVE-2014-8173
The pmdnoneortranshugeorclearbad function in include/asm-generic/pgtable.h in the Linux kernel before 3.13 on NUMA systems does not properly determine whether a Page Middle Directory PMD entry is a transparent huge-table entry, which allows local users to cause a denial of service NULL pointer...
DEBIAN-CVE-2014-4715
Yann Collet LZ4 before r119, when used on certain 32-bit platforms that allocate memory beyond 0x80000000, does not properly detect integer overflows, which allows context-dependent attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a crafted...
Honeyd remote detection vulnerability via a probe packet
Background Honeyd is a virtual honeypot daemon that can simulate virtual hosts on unallocated IP addresses. Description A bug in handling NMAP fingerprints caused Honeyd to reply to TCP packets with both the SYN and RST flags set. Watching for replies, it is possible to detect IP addresses...