4140 matches found
Cybersecurity communities. Small hacker groups, big impact
TL;DR Cybersecurity communities and groups are an excellent opportunity to network and learn There are OWASP, DEF CON, 2600, university hacking societies, Meetup communities and more to choose from They provide workshops, talks, and practical learning opportunities benefiting both newcomers and...
kernel: net/mlx5e: fix a double-free in arfs_create_groups
A double-free vulnerability was found in the arfscreategroups function in the Linux kernel's net/mlx5e driver. This issue could lead to memory corruption or a system crash if exploited, as freeing the same memory twice may cause undefined behavior...
ZDI-CAN-25373: Windows Shortcut Exploit Abused as Zero-Day in Widespread APT Campaigns
Trend Zero Day Initiative™ ZDI uncovered both state-sponsored and cybercriminal groups extensively exploiting ZDI-CAN-25373 aka ZDI-25-148, a Windows .lnk file vulnerability that enables hidden command execution...
CVE-2020-29010
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS version 6.2.4 and below, version 6.0.10 and belowmay allow remote authenticated actors to read the SSL VPN events log entries of users in other VDOMs by executing "get vpn ssl monitor" from the CLI. The sensiti...
xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey()
A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because t...
xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey()
A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because t...
xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey()
A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because t...
xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey()
A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because t...
Wire has Uncontrolled Recursion on Nested Groups
Square Wire before 5.2.0 does not enforce a recursion limit on nested groups in ByteArrayProtoReader32.kt and ProtoReader.kt...
GHSA-PWF9-Q62P-V7WC Wire has Uncontrolled Recursion on Nested Groups
Square Wire before 5.2.0 does not enforce a recursion limit on nested groups in ByteArrayProtoReader32.kt and ProtoReader.kt...
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion due to improper enforcement of recursion limits in ByteArrayProtoReader32.kt and ProtoReader.kt. An attacker can cause a denial of service by sending deeply nested group structures. Remediation Upgrade...
Square Wire 安全漏洞
Square Wire is an open source protocol buffer processing library open-sourced by Square in the United States, mainly used for efficient data serialization and deserialization. A security vulnerability exists in Square Wire versions prior to 5.2.0, which stems from not enforcing a recursion...
CVE-2024-58103
Square Wire before 5.2.0 does not enforce a recursion limit on nested groups in ByteArrayProtoReader32.kt and ProtoReader.kt...
CVE-2025-27789
Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and 8.0.0-alpha.17 to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some specific replacement...
GHSA-47WW-FF84-4JRG Cosmos SDK: x/group can halt when erroring in EndBlocker
Name: ISA-2025-002: x/group can halt when erroring in EndBlocker Component: CosmosSDK Criticality: High Considerable Impact; Likely Likelihood per ACMv1.2 Affected versions: = v0.47.16, = 0.50.12 Affected users: Validators, Full nodes, Users on chains that utilize the groups module Cosmos SDK...
Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups
Impact When using Babel to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some specific replacement pattern strings i.e. the second argument passed to .replace. Your generated code is vulnerable if all the...
GHSA-968P-4WVH-CQC8 Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups
Impact When using Babel to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some specific replacement pattern strings i.e. the second argument passed to .replace. Your generated code is vulnerable if all the...
UBUNTU-CVE-2025-27789
Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and 8.0.0-alpha.17 to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some specific replacement...
CVE-2025-27789 Inefficient RexExp complexity in generated code with .replace when transpiling named capturing groups
Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and 8.0.0-alpha.17 to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some specific replacement...
CVE-2025-27789 Inefficient RexExp complexity in generated code with .replace when transpiling named capturing groups
Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and 8.0.0-alpha.17 to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some specific replacement...