CVE-2021-23988

Mozilla developers reported memory safety bugs present in Firefox 86. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 87...

CVE-2021-38499

Mozilla developers reported memory safety bugs present in Firefox 92. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 93...

CVE-2019-17025

Mozilla developers reported memory safety bugs present in Firefox 71. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 72...

Pro-Ukraine Group Targets Russian Developers with Python Backdoor

ReversingLabs discovers dbgpkg, a fake Python debugger that secretly backdoors systems to steal data. Researchers suspect a pro-Ukraine…...

CVE-2025-3632

IBM 4769 Developers Toolkit 7.0.0 through 7.5.52 could allow a remote attacker to cause a denial of service in the Hardware Security Module HSM due to improper memory allocation of an excessive size...

CVE-2025-3632 IBM 4769 Developers Toolkit denial of service

IBM 4769 Developers Toolkit 7.0.0 through 7.5.52 could allow a remote attacker to cause a denial of service in the Hardware Security Module HSM due to improper memory allocation of an excessive size...

PT-2025-20726 · Ibm · Ibm 4769 Developers Toolkit

Name of the Vulnerable Software and Affected Versions: IBM 4769 Developers Toolkit versions 7.0.0 through 7.5.52 Description: The issue allows a remote attacker to cause a denial of service in the Hardware Security Module HSM due to improper memory allocation of an excessive size. Recommendations...

wgp 安全漏洞

wgp is a library by Nugine Personal Developers. A security vulnerability exists in wgp version 0.2.0, which stems from a lack of thread synchronization in dropslow...

libmnl bug fix update

An update is available for libmnl. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libmnl is a minimalistic user-space library oriented to Netlink developers...

yaoqishan 安全漏洞

yaoqishan DemonQishan is a video management system for Kobe Personal Developers. A security vulnerability exists in yaoqishan version v0.0.1, which stems from improper access control of the /admin/ API and may result in gaining administrator privileges...

CVE-2025-47154

LibJS in Ladybird before f5a6704 mishandles the freeing of the vector that argumentslist references, leading to a use-after-free, and allowing remote attackers to execute arbitrary code via a crafted .js file. NOTE: the GitHub README says "Ladybird is in a pre-alpha state, and only suitable for u...

SoK: Enhancing Privacy-Preserving Software Development from a Developers' Perspective

In software development, privacy preservation has become essential with the rise of privacy concerns and regulations such as GDPR and CCPA. While several tools, guidelines, methods, methodologies, and frameworks have been proposed to support developers embedding privacy into software applications...

Crypto Developers Targeted by Python Malware Disguised as Coding Challenges

The North Korea-linked threat actor assessed to be behind the massive Bybit hack in February 2025 has been linked to a malicious campaign that targets developers to deliver new stealer malware under the guise of a coding assignment. The activity has been attributed by Palo Alto Networks Unit 42 t...

studentmanager 安全漏洞

studentmanager is a student management system by the individual developers of ZeroWdd. A security vulnerability exists in studentmanager version 1.0, which stems from improper authorization in the file /getTeacherList...

RuoYi 安全漏洞

RuoYi is a backend management system for individual developers of RuoYi in China. A security vulnerability exists in RuoYi v.4.8.0, which can be exploited by a remote attacker to elevate privileges via the jobLogId parameter...

RuoYi 安全漏洞

RuoYi is a backend management system for individual developers of RuoYi in China. A security vulnerability exists in RuoYi version v.4.8.0, which stems from the editSave method not properly verifying the requested user privileges, which may result in modification of the system configuration...

ELADMIN 代码问题漏洞

ELADMIN is a backend management system for elunez individual developers. A code issue vulnerability exists in ELADMIN version 2.7 that stems from deserialization...

Hammock AssetView 安全漏洞

Hammock AssetView is an IT asset management tool and information asset management software from Hammock Japan. A security vulnerability exists in Hammock AssetView that originates from data sent to developers that may contain sensitive information...

FreeBSD : electron{33,34} -- Incorrect handle provided in unspecified circumstances in Mojo (01a7e1e1-d249-4dd8-9a4a-ef95b5747afb)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 01a7e1e1-d249-4dd8-9a4a-ef95b5747afb advisory. Electron developers report: This update fixes the following vulnerability: Tenable has extracted the...

CVE-2025-2857

Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was...