8304 matches found

EUVD
added 2025/10/03 8:7 p.m. (1 view)

EUVD-2023-31658

Malicious code in bioql PyPI...

CVSS 5.5 | AI score 6.6 | EPSS 0.0001
Exploits 0 | References 5
EUVD
added 2025/10/03 8:7 p.m. (2 views)

EUVD-2024-41740

Malicious code in bioql PyPI...

CVSS 6.1 | AI score 6.3 | EPSS 0.00142
Exploits 0 | References 7
EUVD
added 2025/10/03 8:6 p.m. (4 views)

EUVD-2025-32303

phpMyFAQ is an open source FAQ web application. Versions 4.0-nightly-2025-10-03 and below do not enforce uniqueness of email addresses during user registration. This allows multiple distinct accounts to be created with the same email. Because email is often used as an identifier for password...

CVSS 8.1 | AI score 6.6 | EPSS 0.00061
Exploits 1 | References 3
Rockylinux
added 2025/10/03 7:56 p.m. (3 views)

firefox security update

An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Mozilla Firefox is an open-source web browser, designed for standards...

CVSS 8.8 | AI score 7.6 | EPSS 0.00151
Exploits 0
OSV
added 2025/10/03 7:56 p.m. (3 views)

RLSA-2025:14417 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component CVE-2025-9182 thunderbird: firefox: Sandbox escape due to invalid point...

CVSS 7.5 | AI score 7.2 | EPSS 0.0021
Exploits 0 | References 6
Rockylinux
added 2025/10/03 7:56 p.m. (4 views)

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Mozilla Thunderbird is a standalone mail and newsgroup client. Security...

CVSS 8.8 | AI score 7.5 | EPSS 0.00151
Exploits 0
OSV
added 2025/10/03 7:56 p.m. (2 views)

RLSA-2025:14844 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component CVE-2025-9182 thunderbird: firefox: Sandbox escape due to invalid pointer in the Audio/Video: GMP component CVE-2025-917...

CVSS 7.5 | AI score 7.2 | EPSS 0.0021
Exploits 0 | References 6
OSV
added 2025/10/03 7:28 p.m. (5 views)

RLSA-2025:16589 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary conditions in the JavaScript: GC component CVE-2025-10532 firefox:...

CVSS 7.5 | AI score 7.3 | EPSS 0.00151
Exploits 0 | References 8
Rockylinux
added 2025/10/03 7:28 p.m. (2 views)

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Mozilla Thunderbird is a standalone mail and newsgroup client. Security...

CVSS 8.8 | AI score 7.5 | EPSS 0.00151
Exploits 0
OSV
added 2025/10/03 7:28 p.m. (4 views)

RLSA-2025:16260 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary conditions in the...

CVSS 7.5 | AI score 7.2 | EPSS 0.00151
Exploits 0 | References 8
Snyk
added 2025/10/03 2:52 p.m. (2 views)

Incorrect User Management

Overview: thorsten/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases. Affected versions of this package are vulnerable to Incorrect User Management due to allowing multiple accounts connected to the same email address. An attacker can cause account ambiguity by registering...

CVSS 9.8 | AI score 6.8 | EPSS 0.00061
Exploits 1 | References 2
Cvelist
added 2025/10/03 8:2 a.m. (9 views)

CVE-2025-11223

Installer of Panasonic AutoDownloader version 1.2.8 contains an issue with the DLL search path, which may lead to loading a crafted DLL file in the same directory...

CVSS 8.4 | EPSS 0.00015
Exploits 0 | References 1
CVE
added 2025/10/03 8:2 a.m. (9 views)

CVE-2025-11223

Summary of CVE-2025-11223: Panasonic AutoDownloader installer for version 1.2.8 contains a DLL search path issue (CWE-427) that may allow loading a crafted DLL file from the same directory. This could enable arbitrary code execution with the privileges of the user invoking the installer. Public ...

CVSS 8.4 | AI score 6.5 | EPSS 0.00015
Exploits 0 | References 1
OSV
added 2025/10/02 9:23 p.m. (2 views)

GHSA-P8HW-RFJG-689H Canonical LXD CSRF Vulnerability When Using Client Certificate Authentication with the LXD-UI

Description: OIDC authentication uses cookies with the SameSite=Strict attribute, preventing cookies from being sent with requests from other sites. Therefore, CSRF does not occur as long as web services in a Same Site relationship (same eTLD+1) with the origin running LXD-UI are trusted. However,...

CVSS 8.3 | AI score 7.2 | EPSS 0.00024
Exploits 1 | References 4
Github Security Blog
added 2025/10/02 9:23 p.m. (11 views)

Canonical LXD CSRF Vulnerability When Using Client Certificate Authentication with the LXD-UI

Description: OIDC authentication uses cookies with the SameSite=Strict attribute, preventing cookies from being sent with requests from other sites. Therefore, CSRF does not occur as long as web services in a Same Site relationship (same eTLD+1) with the origin running LXD-UI are trusted. However,...

CVSS 8.8 | AI score 7.2 | EPSS 0.00024
Exploits 1 | References 4 | Affected Software 1
Hacker One
added 2025/10/02 11:48 a.m. (12 views)

Tucows (VDP): CSRF allowing unauthorized modification of user Notes on ███████

A CSRF vulnerability was discovered that allowed unauthorized modification of user notes. The vulnerability was present in the endpoint that handled saving the notes. The endpoint did not implement proper CSRF protection, allowing an attacker to craft a malicious link that could be used to modify...

AI score 6.5
Exploits 0
Brave Browser
added 2025/10/02 12:59 a.m. (2 views)

Brave Desktop 1.83.108 Security Fixes

Updated split view to respect SameSite attribute as reported on HackerOne by mingijung. - Removed incorrectly elided URL from shields panel as reported on HackerOne by apapedulimu. Upgraded Chromium to 141.0.7390.55 — refer to Google Chrome advisories for inherited CVEs...

AI score 5.8
Exploits 0 | References 3 | Affected Software 1
Vulnrichment
added 2025/10/01 7:27 p.m. (1 view)

CVE-2025-59147 Suricata is Vulnerable to Detection Bypass via Crafted Multiple SYN Packets

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 7.0.11 and below, as well as 8.0.0, are vulnerable to detection bypass when crafted traffic sends multiple SYN packets with different sequence numbers with...

CVSS 7.5 | AI score 6.4 | EPSS 0.00055
Exploits 0 | References 4
Cvelist
added 2025/10/01 7:27 p.m. (8 views)

CVE-2025-59147 Suricata is Vulnerable to Detection Bypass via Crafted Multiple SYN Packets

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 7.0.11 and below, as well as 8.0.0, are vulnerable to detection bypass when crafted traffic sends multiple SYN packets with different sequence numbers with...

CVSS 7.5 | EPSS 0.00055
Exploits 0 | References 4
OSV
added 2025/10/01 11:45 a.m. (3 views)

CVE-2023-53492 netfilter: nf_tables: do not ignore genmask when looking up chain by id

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not ignore genmask when looking up chain by id. When adding a rule to a chain referring to its ID, if that chain had been deleted on the same batch, the rule might end up referring to a deleted chain. This...

CVSS 7.8 | AI score 6.4 | EPSS 0.00017
Exploits 0 | References 8