13 matches found
CVE-2026-57244
After JavaScript resetting the form, the synchronization process lacks re-entry protection and object lifecycle verification, resulting in the failure of the control pointer during the traversal process. After the pointer fails, it still continues to dereference, causing the application to crash...
CVE-2026-34935
PraisonAI is a multi-agent teams system. From version 4.5.15 to before version 4.5.69, the --mcp CLI argument is passed directly to shlex.split and forwarded through the call chain to anyio.openprocess with no validation, allowlist check, or sanitization at any hop, allowing arbitrary OS command...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-411032)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-411032 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix null-ptr-deref when journal load failed. During the mounting process, if journalreset...
EUVD-2024-3384
Malicious code in bioql PyPI...
EUVD-2021-30119
Malicious code in bioql PyPI...
CVE-2025-27365
CVE-2025-27365 affects IBM MQ Operator LTS 2.0.0–2.0.29, MQ Operator CD 3.0.0–3.1.3, 3.3.0–3.5.1, and MQ Operator SC2 3.2.0–3.2.10. Description: a client connecting to an IBM MQ Queue Manager may trigger a SIGSEGV in the AMQRMPPA channel process, terminating it. CVSS v3.1 base score reported as 6...
Linux Distros Unpatched Vulnerability : CVE-2022-48800
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: remove deadlock due to throttling failing to make progress A soft lockup bug in...
CVE-2025-24973
Concorde, formerly know as Nexkey, is a fork of the federated microblogging platform Misskey. Prior to version 12.25Q1.1, due to an improper implementation of the logout process, authentication credentials remain in cookies even after a user has explicitly logged out, which may allow an attacker ...
Mozilla: Out of bounds write due to unexpected WebAuthN Extensions
The Mozilla Foundation Security Advisory describes this flaw as: If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable cra...
CVE-2021-39034
IBM MQ 9.1 LTS is vulnerable to a denial of service attack caused by an issue within the channel process. IBM X-Force ID: 213964...
CVE-2021-39034
IBM MQ 9.1 LTS is vulnerable to a denial of service attack caused by an issue within the channel process. IBM X-Force ID: 213964...
SUSE-SU-2017:1627-1 Security update for sudo
This update for sudo fixes the following issues: - CVE-2017-1000368: A follow-up fix to CVE-2017-1000367, the Linux process name could also contain a newline, which could be used to trick sudo to read/write to an arbitrary open terminal. bsc1042146 Also the following non security bug was fixed: -...
Netscape iCal 2.1 Patch2 - iPlanet iCal 'iplncal.sh' Permissions
source: https://www.securityfocus.com/bid/1768/info Netscape's iPlanet iCal application is a network based calendar service built for deployment in organizations which require a centralized calendar system. Certain versions of iCal ship with a vulnerability introduced in the installation process...