Amazon Linux 2023 : cairo, cairo-devel, cairo-gobject (ALAS2023-2025-1172)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1172 advisory. An issue was discovered in freedesktop poppler v25.04.0. The heap memory containing PDF stream objects is not cleared upon program exit, allowing attackers to obtain sensitive PDF content via a memory...

Linux Distros Unpatched Vulnerability : CVE-2023-32784

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. Th...

Netwave IP camera 安全漏洞

Netwave IP camera is a webcam from Netwave. A security vulnerability exists in Netwave IP camera, which originates from a memory dump issue in //proc/kcore. An unauthenticated attacker can use this vulnerability to steal sensitive information from the network configuration...

GHSA-8RCQ-P4GH-VMJ8 Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ

The administration web console in Apache ActiveMQ 5.x before 5.11.4, 5.12.x before 5.12.3, and 5.13.x before 5.13.2 allows remote authenticated users to conduct cross-site scripting XSS attacks and consequently obtain sensitive information from a Java memory dump via vectors related to creating a...

IBM SPSS Modeler Information Disclosure Vulnerability

IBM SPSS Modeler formerly known as Clementine is a set of data mining platforms from the American company IBM. The platform provides a visual environment for rapid model building, and provides functions such as data source connection, data processing, modeling and analysis. A security vulnerabili...