3 matches found
CVE-2026-58472
GNU Wget 1.25.0 contains a heap buffer overflow in html_quote_string() (src/convert.c) triggered by a crafted HTML attribute that requires extensive entity encoding. A server-supplied HTML attribute overflows a signed integer counter during output size accumulation, causing an undersized heap all...
SUSE-SU-2025:20754-1 Security update for aide
This update for aide fixes the following issues: - CVE-2025-54389: Fixed improper output neutralization bsc1247884 - CVE-2025-54409: Fixed null pointer dereference after reading incorrectly encoded xattr attributes from database bsc1247885...
The vulnerabilities of the functions AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding(), and AppendEncodedCharacters() in browsers Mozilla Firefox, Firefox ESR, and the email client Thunderbird allow an attacker to execute arbitrary code.
The vulnerabilities of the functions AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding, and AppendEncodedCharacters in browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to integer overflow. Exploiting these vulnerabilities allows a malicious...