356 matches found
GHSA-5GW5-JCCF-6HXW GeoServer Vulnerable to Unauthenticated SSRF via TestWfsPost
Summary It possible to achieve Service Side Request Forgery SSRF via the Demo request endpoint if Proxy Base URL has not been set. Details A unauthenticated user can supply a request that will be issued by the server. This can be used to enumerate internal networks and also in the case of cloud...
CVE-2025-47950 CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification
CoreDNS is a DNS server that chains plugins. In versions prior to 1.12.2, a Denial of Service DoS vulnerability exists in the CoreDNS DNS-over-QUIC DoQ server implementation. The server previously created a new goroutine for every incoming QUIC stream without imposing any limits on the number of...
CVE-2024-52035
A flaw was found in the catdoc OLE Document File Allocation Table Parser. This vulnerability allows heap-based memory corruption via a specially crafted malformed file. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product...
CVE-2025-48943
An application level denial of service flaw was found in vLLM. This flaw allows a remote attacker with access to the system prompt to submit an invalid regular expression while requesting structured output and crash the vLLM instance. Mitigation Mitigation for this issue is either not available o...
CVE-2024-47057
SummaryThis advisory addresses a security vulnerability in Mautic related to the "Forget your password" functionality. This vulnerability could be exploited by unauthenticated users to enumerate valid usernames. User Enumeration via Timing Attack: A user enumeration vulnerability exists in the...
CVE-2025-46803
The default mode of pseudo terminals PTYs allocated by Screen was changed from 0620 to 0622, thereby allowing anyone to write to any Screen PTYs in the system...
CVE-2024-51498
cobalt is a media downloader that doesn't piss you off. A malicious cobalt instance could serve links with the javascript: protocol, resulting in Cross-site Scripting XSS when the user tries to download an item from a picker. This issue has been present since commit 66bac03e, was mitigated in...
CVE-2020-9692
Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution...
CVE-2019-14356
On Coldcard MK1 and MK2 devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be...
CVE-2019-10073
The "Blog", "Forum", "Contact Us" screens of the template "ecommerce" application bundled in Apache OFBiz are weak to Stored XSS attacks. Mitigation: Upgrade to 16.11.06 or manually apply the following commits on branch 16.11: 1858438, 1858543, 1860595 and 1860616...
PT-2025-21751
Name of the Vulnerable Software and Affected Versions: Spring Framework versions 5.3.0 through 5.3.42 Spring Framework versions 6.0.0 through 6.0.27 Spring Framework versions 6.1.0 through 6.1.19 Spring Framework versions 6.2.0 through 6.2.6 Description: The issue concerns a bypass of disallowed...
CVE-2025-3931
A flaw was found in Yggdrasil, which acts as a system broker, allowing the processes to communicate to other children's "worker" processes through the DBus component. Yggdrasil creates a DBus method to dispatch messages to workers. However, it misses authentication and authorization checks,...
2025.1 IPU -Intel® Processor Advisory
Summary: A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing microcode updates and prescriptive guidance to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2024-28956 Description: Exposure of Sensitive...
Security Bulletin: IBM Watson Speech Services Cartridge v4.8.8 is vulnerable to a Race Condition vulnerability in Apache Tomcat [CVE-2024-56337]
Summary IBM Watson Speech Services Cartridge is vulnerable to a Race Condition vulnerability in Apache Tomcat, due to a case insensitive file system, caused by improper default installation settings CVE-2024-56337. Apache Tomcat is used in our Speech microservices. This vulnerabilitiy has been...
CVE-2025-3501
A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, which is unintended. Mitigation Use the correct TLS configuration and avoid using "--tls-hostname-verifier=any"...
CVE-2025-43961
In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment,...
CVE-2025-29769
libvips is a demand-driven, horizontally threaded image processing library. The heifsave operation could incorrectly determine the presence of an alpha channel in an input when it was not possible to determine the colour interpretation, known internally within libvips as "multiband". There aren't...
CVE-2024-38797
A flaw was found in EDK2. This vulnerability allows an attacker to cause an out-of-bounds read, potentially leading to a loss of integrity and/or availability via a crafted data pointer and length sent over an adjacent network. Mitigation Mitigation for this issue is either not available or the...
CVE-2025-31124 Zitadel allows User Enumeration by loginname attribute normalization
Zitadel is open-source identity infrastructure software. ZITADEL administrators can enable a setting called "Ignoring unknown usernames" which helps mitigate attacks that try to guess/enumerate usernames. If enabled, ZITADEL will show the password prompt even if the user doesn't exist and report...
Exploit for CVE-2025-29927
CVE-2025-29927 - Next.js Middleware Authorization Bypass PoC...