2873 matches found
SUSE CVE-2026-2789
Use-after-free in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
CVE-2026-2789 Use-after-free in the Graphics: ImageLib component
Use-after-free in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
EUVD-2026-8440
Use-after-free in the Graphics: ImageLib component. This vulnerability affects Firefox 148, Firefox ESR 115.33, and Firefox ESR 140.8...
CVE-2026-2759
Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
Mozilla Firefox ESR < 115.33
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.33. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-14 advisory. - Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147...
edk2 security update
20241117-4.0.1.el97.3 - Replace upstream references Orabug:36569119 20241117-4.el97.3 - edk2-OvmfPkg-MemEncryptSevLib-Evict-cache-lines-during-SN.patch RHEL-125104 - edk2-MdePkg-Add-the-COHERENCYSFWNO-CPUID-bit-field.patch RHEL-125104 -...
EUVD-2026-5828
A security flaw has been discovered in Open5GS up to 2.7.6. This vulnerability affects the function ogs_gtp2_parse_tft in the library lib/gtp/v2/types.c of the component SMF. Performing a manipulation of the argument pf0.content.length results in denial of service. The attack is possible to be carri...
Debian dla-4469 : libasound2 - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4469 advisory. - Debian LTS Advisory DLA-4469-1 https://www.debian.org/lts/security/...
CVE-2020-37110
60CycleCMS 2.5.2 contains an SQL injection vulnerability in news.php and common/lib.php that allows attackers to manipulate database queries through unvalidated user input. Attackers can exploit vulnerable query parameters like 'title' to inject malicious SQL code and potentially extract or modif...
60CycleCMS SQL Injection Vulnerability
60CycleCMS is an open-source content management system developed by 60CycleCMS. Version 2.5.2 of 60CycleCMS has a SQL injection vulnerability. This vulnerability stems from SQL injections in the news.php and common/lib.php files, which could allow attackers to manipulate database queries with...
PT-2026-6429
Note: It is uncertain whether this constitutes a vulnerability or should be filed as an issue instead. Summary In the SSH configuration documentation, the sudoer line that was suggested can be escalated to edit any files in the system. Details The following line was suggested for addition in the...
SUSE CVE-2025-61140
The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution...
AZL-76295 CVE-2026-25068 affecting package alsa-lib for versions less than 1.2.6.1-3
alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The tplg_decode_control_mixer1 function reads the num_channels field from untrusted .tplg data and uses it as a loop bound without validating it...
JSONPath vulnerable to Prototype Pollution due to insufficient input validation of object keys in lib/index.js
The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution...
GHSA-6C59-MWGH-R2X6 JSONPath vulnerable to Prototype Pollution due to insufficient input validation of object keys in lib/index.js
The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution...
Malicious code in converse-rn-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5d76925473e0e05137943f3ba72835d43a14fecbcd07a36ff4f8b362342a303 The package converse-rn-lib was found to contain malicious code. Source: ghsa-malware 2d5c359e434d151a2156ad29e2d3b287cd665dd67ede66ac8c32a968f2ebaef...
Malicious Package
Overview converse-rn-lib is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-565 Malicious code in converse-rn-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5d76925473e0e05137943f3ba72835d43a14fecbcd07a36ff4f8b362342a303 The package converse-rn-lib was found to contain malicious code. Source: ghsa-malware 2d5c359e434d151a2156ad29e2d3b287cd665dd67ede66ac8c32a968f2ebaef...
Malicious Package
Overview blockchain-helper-lib is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
CVE-2025-61140
The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution...