EUVD-2011-3404

Malware in sbrugna...

EUVD-2021-1559

Malware in sbrugna...

EUVD-2025-22934

Malicious code in bioql PyPI...

Mozilla Firefox < 139.0

The version of Firefox installed on the remote Windows host is prior to 139.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-42 advisory. - Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these...

c-ares 1.32.3 < 1.34.5 Use After Free (macOS)

The version of c-ares installed on the remote host is affected by a use after free vulnerability. c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query either due to a DNS Cookie Failure or when t...

bind9.18 security update

An update is available for bind9.18. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Na...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.37 security update

Red Hat OpenShift Container Platform release 4.16.37 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

OPENSUSE-SU-2021:2774-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 78.13.0 ESR MFSA 2021-34, bsc1188891: - CVE-2021-29986: Race condition when resolving DNS names could have led to memory corruption - CVE-2021-29988: Memory corruption as a result of incorrect style...

MGASA-2021-0369 Updated golang packages fix security vulnerabilities

encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader for xml.NewTokenDecoder returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method CVE-2021-27918. net/http in Go before 1.15.12 and 1.16.x before 1.16....

OPENSUSE-SU-2019:2540-1 Security update for squid

This update for squid to version 4.9 fixes the following issues: Security issues fixed: - CVE-2019-13345: Fixed multiple cross-site scripting vulnerabilities in cachemgr.cgi bsc1140738. - CVE-2019-12526: Fixed potential remote code execution during URN processing bsc1156326. -...

Microsoft Windows - dnslint.exe Drive-By Download

Microsoft Windows - dnslint.exe Drive-By Download + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-DNSLINT.EXE-FORCED-DRIVE-BY-DOWNLOAD.txt + ISR: Apparition Security Greetz: indoushka | Eduardo Vendor...

CURL-CVE-2016-8625 IDNA 2003 makes curl use wrong host

When curl is built with libidn to handle International Domain Names IDNA, it translates them to puny code for DNS resolving using the IDNA 2003 standard, while IDNA 2008 is the modern and up-to-date IDNA standard. This misalignment causes problems with for example domains using the German ß...

[Full-Disclosure] MDKSA-2003:086 - Updated sendmail packages fix vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandrake Linux Security Update Advisory Package name: sendmail Advisory ID: MDKSA-2003:086 Date: August 26th, 2003 Affected versions: 8.2, 9.0, Corporate Server 2.1 Problem Description: A vulnerability was discovered in all 8.12.x versions of sendmail...