Exploit for CVE-2025-55349

CVE-2025-55349 — pm2 Arbitrary Code Execution via postinstall...

Security update for python311

This update for python311 fixes the following issues: Security issues fixed: CVE-2024-6923: Fixed email header injection due to unquoted newlines bsc1228780 CVE-2024-0397: Fixed memory race condition in ssl.SSLContext certificate store methods bsc1226447 CVE-2024-4032: Fixed incorrect IPv4 and IP...

SUSE-SU-2025:02089-1 Security update for python311

This update for python311 fixes the following issues: Security issues fixed: - CVE-2024-6923: Fixed email header injection due to unquoted newlines bsc1228780 - CVE-2024-0397: Fixed memory race condition in ssl.SSLContext certificate store methods bsc1226447 - CVE-2024-4032: Fixed incorrect IPv4...

ROS-2-1315

2.1315 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-29957, CVE-2021-29956 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass security restrictions imposed.FSTEC Russia Information Security Threat Data Bank Identifier: BDU:2021-02725, BDU:2021-02726 2...

ROS-2-1264

2.1264 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

ROS-2-1349

2.1349 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

PT-2023-21693 · Unknown · Conprosys Hmi System

Name of the Vulnerable Software and Affected Versions: CONPROSYS HMI System CHS versions prior to 3.5.3 Description: The issue is related to incorrect permission assignment for a critical resource in the CONPROSYS HMI System CHS. The Access Control List ACL is not set correctly for the local fold...

MAL-2022-5384 Malicious code in pnpm-local-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e53aa0e5484077b33dca99874f607f08f4996f8d1fa2e9fabc7b21f7aed81265 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in pnpm-local-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e53aa0e5484077b33dca99874f607f08f4996f8d1fa2e9fabc7b21f7aed81265 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

ROS-2-1305

2.1305 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

ROS-2-928

2.928 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

ROS-2-662

2.662 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-29957, CVE-2021-29956 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass security restrictions imposed.FSTEC Russia Information Security Threat Data Bank Identifier: BDU:2021-02725, BDU:2021-02726 2...

ROS-2-2184

2.2184 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

ROS-2-2161

2.2161 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

ROS-2-2188

2.2188 Memory Leak in GNU Tar CVE-2021-20193 1. Vulnerability Description: Vulnerability allows a remote attacker to perform a DoS attack on a target system. The vulnerability exists due to a memory leak in the readheader function in list.c. A remote attacker could pass a specially crafted archiv...

ROC - Infineon RSA Vulnerability

This tool is related to ACM CCS 2017 conference paper 124 Return of the Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli. It enables you to test public RSA keys for a presence of the described vulnerability. Update : The paper of the attack is already online, ACM version...