3051 matches found
SUSE CVE-2025-32464
HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one...
CVE-2025-32464
HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one...
UBUNTU-CVE-2025-32464
HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one...
CVE-2025-32464
CVE-2025-32464 affects HAProxy 2.2–3.1.6 in some configurations, causing a heap-based buffer overflow in the sample_conv_regsub routine due to mishandling the replacement of multiple short patterns with a longer one. The issue is documented across multiple sources (Debian LTS advisory fixes in 2....
Description of the security update for Excel 2016: April 8, 2025 (KB5002704)
Description of the security update for Excel 2016: April 8, 2025 KB5002704 Summary This security update resolves a Microsoft Excel remote code execution vulnerability and Microsoft Office remote code execution vulnerability. To learn more about the vulnerabilities, see the following security...
Description of the security update for Office 2016: April 8, 2025 (KB5002573)
Description of the security update for Office 2016: April 8, 2025 KB5002573 Summary This security update resolves a Microsoft Word security feature bypass vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2025-29816. Note: To apply this...
Description of the security update for OneNote 2016: April 8, 2025 (KB5002622)
Description of the security update for OneNote 2016: April 8, 2025 KB5002622 Summary This security update resolves a Microsoft OneNote security feature bypass vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2025-29822. Note: To apply th...
Siemens SENTRON 7KT PAC1260 Data Manager
SUMMARY SENTRON 7KT PAC1260 Data Manager is affected by multiple vulnerabilities as listed below. Software fixes can no longer be provided for the SENTRON 7KT PAC1260 Data Manager. This advisory documents the known open vulnerabilities. To fix the vulnerabilities, Siemens recommends to replace...
AIDE 0.19
AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on a server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms ...
The vulnerability of the microprogrammed software for ViewJet C-more Series sensor panels, related to information representation errors in the user interface, allows an intruder to replace the user interface.
The vulnerability of the microprogrammed software for ViewJet C-more Series sensor panels is related to errors in information representation by the user interface. Exploiting this vulnerability can allow an attacker to remotely replace the user interface...
BIT-JOOMLA-2021-23128 [20210302] - Core - Potential Insecure FOFEncryptRandval
An issue was discovered in Joomla! 3.2.0 through 3.9.24. The core shipped but unused randval implementation within FOF (FOFEncryptRandval) used a potentially insecure implementation. That has now been replaced with a call to 'random_bytes()' and its backport that is shipped within random_compat...
CVE-2025-21925 llc: do not use skb_get() before dev_queue_xmit()
In the Linux kernel, the following vulnerability has been resolved: llc: do not use skb_get() before dev_queue_xmit() syzbot is able to crash hosts [1], using llc and devices not supporting IFF_TX_SKB_SHARING. In this case, e1000 driver calls eth_skb_pad(), while the skb is shared. Simply replace skb_get() by...
CVE-2023-53013
In the Linux kernel, the following vulnerability has been resolved: ptdma: pt_core_execute_cmd() should use spinlock The interrupt handler (pt_core_irq_handler()) of the ptdma driver can be called from interrupt context. The code flow in this function can lead down to pt_core_execute_cmd() which will attempt to...
encodeText in QDom in Qt before 6.8.0 has a complex algorithm involving XML string copy and inline replacement of parts of a string (with relocation of later data).
...
GHSA-963H-3V39-3PQF Vega vulnerable to Cross-site Scripting via RegExp.prototype[@@replace]
Impact Users running Vega/Vega-lite JSON definitions could run unexpected JavaScript code when drawing graphs, unless the library is used with the vega-interpreter. Workarounds - Use vega with expression interpreter - Upgrade to a newer Vega version 5.32.0 POC Summary Calling replace with a...
CVE-2023-52990
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2023-53027
Removed by vendor...
CVE-2023-53013 ptdma: pt_core_execute_cmd() should use spinlock
In the Linux kernel, the following vulnerability has been resolved: ptdma: pt_core_execute_cmd() should use spinlock The interrupt handler (pt_core_irq_handler()) of the ptdma driver can be called from interrupt context. The code flow in this function can lead down to pt_core_execute_cmd() which will attempt to...