GTK+ 3: Search path vulnerability

Background GTK+ GIMP Toolkit + is a toolkit for creating graphical user interfaces. Description A vulnerability has been discovered in GTK+ 3. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifier for details. Workaround There is no kno...

[SECURITY] Fedora 42 Update: qt6-qtcharts-6.9.1-1.fc42

Qt Charts module provides a set of easy to use chart components. It uses the Qt Graphics View Framework, therefore charts can be easily integrated to modern user interfaces. Qt Charts can be used as QWidgets, QGra phicsWidget, or QML types. Users can easily create impressive graphs by selecting o...

PCEvolve: Private Contrastive Evolution for Synthetic Dataset Generation Via Few-Shot Private Data and Generative APIs

The rise of generative APIs has fueled interest in privacy-preserving synthetic data generation. While the Private Evolution PE algorithm generates Differential Privacy DP synthetic images using diffusion model APIs, it struggles with few-shot private data due to the limitations of its DP-protect...

CVE-2025-2826

n affected platforms running Arista EOS, ACL policies may not be enforced. IPv4 ingress ACL, MAC ingress ACL, or IPv6 standard ingress ACL enabled on one or more ethernet or LAG interfaces may result in ACL policies not being enforced for ingress packets. This can cause incoming packets to...

CVE-2025-2826 n affected platforms running Arista EOS, ACL policies may not be enforced. IPv4 ingress ACL, MAC ingress ACL, or IPv6 standard ingress ACL enabled on one or more ethernet or LAG interfaces may result in ACL policies not being enforced for ingress packets.

n affected platforms running Arista EOS, ACL policies may not be enforced. IPv4 ingress ACL, MAC ingress ACL, or IPv6 standard ingress ACL enabled on one or more ethernet or LAG interfaces may result in ACL policies not being enforced for ingress packets. This can cause incoming packets to...

CVE-2025-2826

CVE-2025-2826 affects Arista EOS platforms where IPv4/ MAC / IPv6 ingress ACLs may not be enforced on one or more interfaces, leading to ingress packets being incorrectly allowed or denied. The Arista advisory notes the issue exists in EOS train 4.33.x, with fixed releases including 4.33.2.1F, 4....

CVE-2024-20315

A vulnerability in the access control list ACL processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to improper assignment of lookup keys to internal interface contexts...

CVE-2023-28565

Memory corruption in WLAN HAL while handling command streams through WMI interfaces...

CVE-2023-28567

Memory corruption in WLAN HAL while handling command through WMI interfaces...

CVE-2023-28564

Memory corruption in WLAN HAL while passing command parameters through WMI interfaces...

CVE-2023-7080

The V8 inspector intentionally allows arbitrary code execution within the Workers sandbox for debugging. wrangler dev would previously start an inspector server listening on all network interfaces. This would allow an attacker on the local network to connect to the inspector and run arbitrary cod...

CVE-2023-51371

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bit Assist Chat Widget: WhatsApp Chat, Facebook Messenger Chat, Telegram Chat Bubble, Line Messenger, Live Chat Support Chat Button, WeChat, SMS, Call Button, Customer Support Button with floating...

CVE-2023-20191

A vulnerability in the access control list ACL processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incomplete support for this feature. An attacker could exploit th...

CVE-2023-20205

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface on an affected device...

CVE-2022-24071

A Built-in extension in Whale browser before 3.12.129.46 allows attackers to compromise the rendering process which could lead to controlling browser internal APIs...

CVE-2022-20341

In ConnectivityService, there is a possible bypass of network permissions due to a missing permission check. This could lead to local information disclosure of tethering interfaces with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2021-37206

A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 All versions V8.80, SIPROTEC 5 relays with CPU variants CP100 All versions V8.80, SIPROTEC 5 relays with CPU variants CP300 All versions V8.80. Received webpackets are not properly processed. An unauthenticated remot...

CVE-2021-30298

Possible out of bound access due to improper validation of item size and DIAG memory pools data while switching between USB and PCIE interface in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wire...

CVE-2021-22403

There is a vulnerability of hijacking unverified providers in Huawei Smartphone.Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands...

CVE-2021-30266

Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired...