329 matches found
AlmaLinux 9 : runc (ALSA-2025:19927)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:19927 advisory. runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to /dev/conso...
Updated opencontainers-runc packages fix security vulnerabilities
The way masked paths are implemented in runc can be exploited to cause the host system to crash or halt CVE-2025-31133 and a flaw in /dev/console bind-mounts can lead to container escape CVE-2025-52565. Also, arbitrary write gadgets and procfs write redirects could be used to engineer container...
CVE-2025-12829
An uninitialized stack read issue exists in Amazon Ion-C versions v1.1.4 that may allow a threat actor to craft data and serialize it to Ion text in such a way that sensitive data in memory could be exposed through UTF-8 escape sequences. To mitigate this issue, users should upgrade to version...
EUVD-2025-38328
An uninitialized stack read issue exists in Amazon Ion-C versions v1.1.4 that may allow a threat actor to craft data and serialize it to Ion text in such a way that sensitive data in memory could be exposed through UTF-8 escape sequences. To mitigate this issue, users should upgrade to version...
CVE-2025-12829
An uninitialized stack read in Amazon Ion-C versions
CVE-2025-12829
An uninitialized stack read issue exists in Amazon Ion-C versions v1.1.4 that may allow a threat actor to craft data and serialize it to Ion text in such a way that sensitive data in memory could be exposed through UTF-8 escape sequences. To mitigate this issue, users should upgrade to version...
PT-2025-45475
Name of the Vulnerable Software and Affected Versions Amazon Ion-C versions prior to 1.1.4 Description An uninitialized stack read issue exists that may allow an attacker to craft data and serialize it to Ion text. This could expose sensitive data in memory through UTF-8 escape sequences...
Amazon Ion C 安全漏洞
Amazon Ion C is an amazon-ion open source C implementation of Amazon Ion. A security vulnerability exists in versions prior to Amazon Ion C v1.1.4, which stems from an uninitialized stack read issue that could cause UTF-8 escape sequences to expose sensitive data in memory...
git: Git does not sanitize URLs when asking for credentials interactively
A flaw was found in Git. This vulnerability occurs when Git requests credentials via a terminal prompt, for example, without the use of a credential helper. During this process, Git displays the host name for which the credentials are needed, but any URL-encoded parts are decoded and displayed...
Malicious Package
Overview ddok-escapes is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
RLSA-2025:16108 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary conditions in the...
AlmaLinux 10 : thunderbird (ALSA-2025:16157)
The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:16157 advisory. firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary...
SUSE CVE-2023-53677
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix memory leaks in i915 selftests This patch fixes memory leaks on error escapes in function fakegetpages cherry picked from commit 8bfbdadce85c4c51689da10f39c805a7106d4567...
CVE-2023-53677
CVE-2023-53677 is associated with a Linux kernel issue in the drm/i915 area. The affected component is the i915 selftests code path, where the patch fixes memory leaks on error escapes in function fake_get_pages (cherry-picked from a kernel commit). The vulnerability was resolved in the kernel, a...
EUVD-2010-4625
Malware in sbrugna...
EUVD-2020-7695
Malware in sbrugna...
EUVD-2018-3572
Malware in sbrugna...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...
RHEL 8 : thunderbird (RHSA-2025:17341)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:17341 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free i...