Astra Linux - vulnerability in Firefox
Some WASM source files may have caused a crash when loaded in devtools. This vulnerability affects Firefox versions earlier than 122...
PT-2025-50138
Name of the Vulnerable Software and Affected Versions: MailEnable versions prior to 10.54 Description: MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) issue in the AddressesCc parameter of the '/Mondo/lang/sys/Forms/AddressBook.aspx' endpoint. The AddressesCc value...
Cloudlog security vulnerability
Cloudlog is a self-hosted PHP application by the individual developer Peter Goodhall. It allows logging of amateur radio contacts from anywhere. A security vulnerability exists in Cloudlog 2.7.5 and earlier versions that stems from the vucc_details_ajax function in Awards.php not properly cleaning up...
PT-2025-38589
Name of the Vulnerable Software and Affected Versions: StorageGRID versions prior to 11.8.0.15, StorageGRID versions prior to 11.9.0.8 Description: StorageGRID (formerly StorageGRID Webscale) is susceptible to a Reflected Cross-Site Scripting issue. Successful exploitation could allow an attacker to...
CVE-2025-10527
This vulnerability affects Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3...
CVE-2025-59042 PyInstaller has local privilege escalation vulnerability
PyInstaller bundles a Python application and all its dependencies into a single package. Due to a special entry being appended to sys.path during the bootstrap process of a PyInstaller-frozen application, and due to the bootstrap script attempting to load an optional module for bytecode decryptio...
CVE-2025-22874 affecting package golang for versions less than 1.24.4-1
CVE-2025-22874 affecting package golang for versions less than 1.24.4-1. A patched version of the package is available...
SUSE CVE-2011-3626
Double free vulnerability in the prepare_exec function in src/exec.c in Logsurfer 1.5b and earlier, and Logsurfer+ 1.7 and earlier, allows remote attackers to execute arbitrary commands via crafted strings in a log file...
PYSEC-2021-185
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in tf.raw_ops.QuantizedBatchNormWithGlobalNormalization. This is because the...
DEBIAN-CVE-2019-11703
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parser_get_next_char when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1...
ZoneMinder SQL Injection Vulnerability (CNVD-2019-04692)
ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras and more. SQL injection vulnerability exists in the ajax/status.php file in versions prior to ZoneMinder 1.32.3, which can be exploited by remote attackers to execute SQL commands with...
PT-2016-7715 · Python Cryptography Authority +2 · Cryptography +2
Name of the Vulnerable Software and Affected Versions: cryptography versions prior to 1.5.3 Description: The issue arises when HKDF in cryptography is used with a length less than algorithm.digest_size, resulting in an empty byte-string being returned. Recommendations: For versions prior to 1.5.3...