EUVD-2025-25476

Malicious code in bioql PyPI...

CVE-2025-57753

vite-plugin-static-copy is rollup-plugin-copy for Vite with dev server support. Files not included in src are accessible with a crafted request. The vulnerability is fixed in 2.3.2 and 3.1.2...

CVE-2025-57753 vite-plugin-static-copy files not included in `src` are accessible with a crafted request

vite-plugin-static-copy is rollup-plugin-copy for Vite with dev server support. Files not included in src are accessible with a crafted request. The vulnerability is fixed in 2.3.2 and 3.1.2...

CVE-2025-57753 vite-plugin-static-copy files not included in `src` are accessible with a crafted request

vite-plugin-static-copy is rollup-plugin-copy for Vite with dev server support. Files not included in src are accessible with a crafted request. The vulnerability is fixed in 2.3.2 and 3.1.2...

CVE-2022-41003

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

Stack overflow

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method

The Mozilla Foundation Security Advisory describes this flaw as: When reading from areas partially or fully outside the source resource with WebGL's copyTexSubImage method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially...

Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method

The Mozilla Foundation Security Advisory describes this flaw as: When reading from areas partially or fully outside the source resource with WebGL's copyTexSubImage method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially...

open build service information disclosure vulnerability

The open build service is a general-purpose system for building and distributing packages from source code in an automated, consistent and repeatable manner. A security vulnerability exists in the bsworker code in versions of open build service prior to 20170320. An attacker can exploit the...

UBUNTU-CVE-2017-5188

The bsworker code in open build service before 20170320 followed relative symlinks, allowing reading of files outside of the package source directory during build, allowing leakage of private information...

DEBIAN-CVE-2017-5188

The bsworker code in open build service before 20170320 followed relative symlinks, allowing reading of files outside of the package source directory during build, allowing leakage of private information...