17048 matches found
CVE-2025-14512
A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service DoS via an integer overflow in GLib's GIO GLib Input/Output escapebytestring function when processing malicious file or remote filesystem attribute values...
CVE-2025-14512 Glib: integer overflow in glib gio attribute escaping causes heap buffer overflow
A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service DoS via an integer overflow in GLib's GIO GLib Input/Output escapebytestring function when processing malicious file or remote filesystem attribute values...
CVE-2025-14512 Glib: integer overflow in glib gio attribute escaping causes heap buffer overflow
A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service DoS via an integer overflow in GLib's GIO GLib Input/Output escapebytestring function when processing malicious file or remote filesystem attribute values...
CVE-2025-14512
A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service DoS via an integer overflow in GLib's GIO GLib Input/Output escapebytestring function when processing malicious file or remote filesystem attribute values...
CVE-2025-14512
CVE-2025-14512 affects GLib2 (glib2) in IBM Netezza Appliance. The IBM security bulletin confirms a vulnerability in GLib’s GIO escape_byte_string() that can cause a heap-based buffer overflow leading to DoS when processing certain file or remote filesystem attribute values. Remediation: upgrade ...
CVE-2025-14512
A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service DoS via an integer overflow in GLib's GIO GLib Input/Output escapebytestring function when processing malicious file or remote filesystem attribute values...
CVE-2025-14512
A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service DoS via an integer overflow in GLib's GIO GLib Input/Output escapebytestring function when processing malicious file or remote filesystem attribute values. Mitigation Mitigation for this issue is eith...
SUSE CVE-2025-14322
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
EulerOS 2.0 SP13 : python3 (EulerOS-SA-2025-2508)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself ...
EulerOS 2.0 SP11 : python3 (EulerOS-SA-2025-2488)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself ...
Linux Distros Unpatched Vulnerability : CVE-2025-14372
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Password Manager in Google Chrome prior to 143.0.7499.110 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML...
EulerOS 2.0 SP13 : python3 (EulerOS-SA-2025-2529)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself ...
PT-2025-50768
Name of the Vulnerable Software and Affected Versions MaxKB versions prior to 2.4.0 Description MaxKB, an open-source AI assistant for enterprise, contains a flaw in the tool module that allows an attacker to escape the sandbox environment and gain elevated privileges. This occurs under specific...
Linux Distros Unpatched Vulnerability : CVE-2025-14512
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service DoS via an integer overflow in GLib's GIO GLib Input/Output...
EulerOS 2.0 SP13 : busybox (EulerOS-SA-2025-2516)
According to the versions of the busybox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv0 containing an ANSI terminal escape sequence,...
FreeBSD : Mozilla -- Sandbox escape (9a9d50a6-d6a8-11f0-8e1b-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9a9d50a6-d6a8-11f0-8e1b-b42e991fc52e advisory. https://bugzilla.mozilla.org/showbug.cgi?id=1996473 reports: Sandbox escape due to incorrect boundary...
MaxKB 竞争条件问题漏洞
MaxKB is a 1Panel-dev open source open source knowledge base question and answer system based on a large language model and RAG. A competitive condition issue vulnerability exists in MaxKB 2.3.1 and earlier versions, which stems from a tool module that allows an attacker to escape the sandbox...
EulerOS 2.0 SP13 : busybox (EulerOS-SA-2025-2495)
According to the versions of the busybox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv0 containing an ANSI terminal escape sequence,...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in the WebRTC:...
RockyLinux 10 : firefox (RLSA-2025:23035)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:23035 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free i...