72 matches found
CVE-2025-52639 HCL Connections is vulnerable to sensitive information disclosure
HCL Connections is vulnerable to a sensitive information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper rendering of application data...
CVE-2025-26862
Unexpected authentication form rendering in HTML Form Adapter using only non-default redirectless mode in PingFederate allows authentication attempts which may enable brute force login attacks...
[SECURITY] [DLA 4337-1] svgpp security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4337-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz October 17, 2025 https://wiki.debian.org/LTS -...
EUVD-2017-7021
Malware in sbrugna...
EUVD-2012-3597
Malware in sbrugna...
EUVD-2012-2880
Malware in sbrugna...
EUVD-2022-0861
Malicious code in bioql PyPI...
EUVD-2022-6383
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-55780
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A null pointer dereference occurs in the function breakwordforoverflowwrap in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function...
SUSE-SU-2025:02968-1 Security update for libqt4
This update for libqt4 fixes the following issues: - CVE-2021-45930: Fixed out-of-bounds write leading to DoS bsc1196654 - CVE-2023-32573: Fixed missing initialization of QtSvg QSvgFont munitsPerEm bsc1211298 - CVE-2023-32763: Fixed buffer overflow on QTextLayout during rendering of an SVG file...
AlmaLinux 8 : kernel (ALSA-2025:13960)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:13960 advisory. kernel: drm/vkms: Fix use after free and double free on init error CVE-2025-22097 kernel: netsched: ets: Fix double list add in class with netem as child...
Linux Distros Unpatched Vulnerability : CVE-2023-4573
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When receiving rendering data over IPC mStream could have been destroyed when initialized, which could have led to a use-after-free causing a potentially...
CVE-2025-4700
Removed by vendor...
PT-2025-26573 · Unknown · Spytrap-Adb
Name of the Vulnerable Software and Affected Versions: spytrap-adb versions prior to 0.3.5 Description: The issue causes matches for known stalkerware to not be rendered or displayed in the interactive user interface. This potentially allows dangerous spyware infections to go unnoticed by users...
thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link
The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...
CVE-2022-28204
A denial-of-service issue was discovered in MediaWiki 1.37.x before 1.37.2. Rendering of w/index.php?title=Special%3AWhatLinksHere⌖=Property%3AP31=1=1 can take more than thirty seconds. There is a DDoS risk...
CVE-2014-9509
The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x through 6.2.x before 6.2.9, and 7.x before 7.0.2, when config.prefixLocalAnchors is set to all or cached, allows remote attackers to have an unspecified impact possibly resource consumption via a "Cache Poisoning" attack using a...
CVE-2025-0475
An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1. A proxy feature could potentially allow unintended content rendering leading to XSS under specific circumstances...
GitLab 跨站脚本漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A cross-site scripting vulnerability exists in GitLab CE/EE, which stems from...
GitLab 8.16 < 17.0.6 / 17.1 < 17.1.4 / 17.2 < 17.2.2 (CVE-2024-6329)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which causes the web...