657 matches found
Number withdrawn
GNOME is an open source suite of purely free computer software, used to provide a graphical desktop environment. This CVE number has been withdrawn...
[SECURITY] Fedora 41 Update: cutter-re-2.3.4-6.fc41
Cutter is a Qt and C++ GUI for Rizin. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience in mind. Cutter is created by reverse engineers for reverse engineers...
Use After Free
libxml2 and nokogiri are vulnerable to a Use-After-Free. The vulnerability stems from improper memory handling caused by a flaw in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c, which can be exploited when a crafted XML document is validated against an XML schema with...
CVE-2021-37652
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for `tf.raw_ops.BoostedTreesCreateEnsemble` can result in a use after free error if an attacker supplies specially crafted arguments. The implementation uses a reference counted resource an...
MAL-2024-3767 Malicious code in updated-tricks-v-bucks-generator-free_2023-vf55g (npm)
MAL-2024-3713 Malicious code in updated-tricks-v-bucks-generator-free_2023-qw3jq (npm)
MAL-2024-3692 Malicious code in updated-tricks-v-bucks-generator-free_2023-nezd (npm)
Cybercriminals Exploit Free Software Lures to Deploy Hijack Loader and Vidar Stealer
Threat actors are luring unsuspecting users with free or pirated versions of commercial software to deliver a malware loader called Hijack Loader, which then deploys an information stealer known as Vidar Stealer. "Adversaries had managed to trick users into downloading password-protected archive...
[SECURITY] Fedora 39 Update: efifs-1.9-6.fc39
Free software EFI/UEFI standalone file system drivers, based on the GRUB 2.0 read-only drivers: AFFS (Amiga Fast FileSystem), BFS (BeOS FileSystem), btrfs, exFAT, ext2/ext3/ext4, F2FS (experimental), HFS and HFS+ (Mac OS, including the compression support), ISO9660, JFS (Journaled FileSystem), nilfs2, NTFS...
[SECURITY] Fedora 40 Update: efifs-1.9-6.fc40
Free software EFI/UEFI standalone file system drivers, based on the GRUB 2.0 read-only drivers: AFFS (Amiga Fast FileSystem), BFS (BeOS FileSystem), btrfs, exFAT, ext2/ext3/ext4, F2FS (experimental), HFS and HFS+ (Mac OS, including the compression support), ISO9660, JFS (Journaled FileSystem), nilfs2, NTFS...
Fedora: Security Advisory (FEDORA-2024-69933b0732)
The remote host is missing an update for the...
Fedora: Security Advisory (FEDORA-2024-07342adb87)
The remote host is missing an update for the...
Kali Linux 2024.1 - Penetration Testing and Ethical Hacking Linux Distribution
Time for another Kali Linux release! – Kali Linux 2024.1. This release has various impressive updates. The summary of the changelog since the 2023.4 release from December is: Micro Mirror Free Software CDN - FCIX Software Mirror reached out offering to host our images, and we said yes 2024 Theme...
CVE-2024-23645
GLPI is a Free Asset and IT Management Software package. A malicious URL can be used to execute XSS on reports pages. Upgrade to 10.0.12...
Moderate: Red Hat Security Advisory: frr security update
An update for frr is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Pleasanter Security Vulnerability
Pleasanter is a free OSS no-code/low-code development tool from Pleasanter. A security vulnerability exists in Pleasanter. An attacker can exploit the vulnerability to perform cross-site scripting attacks...
Fostering Innovation in Web Security
I've always created growth by focusing on free. It started back in 2003 when I launched WorkZoo in London. WorkZoo was a job search engine that ended up being one of Time Magazine's top 50 websites of 2005. These days we take free search capability for granted, but 20 years ago, before Nginx came...
Moderate: Red Hat Security Advisory: frr security and bug fix update
An update for frr is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
CVE-2023-35924
GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.8, the GLPI inventory endpoint can be used to drive a SQL injection attack. By default, the GLPI inventory endpoint requires no authentication. Version 10.0.8 has a patch for this issue. As a...
Jellyfin suffers from an SSRF vulnerability (CNVD-2023-52831)
Jellyfin is a free software media system. Jellyfin suffers from an SSRF vulnerability that can be exploited by an attacker to access web resources and sensitive information via a crafted POST request...