OESA-2025-1691 firefox security update

Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fixes: The ShmemCharMapHashEntry code was susceptible to potentially undefined behavior by bypassing the move semantics for one ...

IDOL: Improved Different Optimization Levels Testing for Solidity Compilers

As blockchain technology continues to evolve and mature, smart contracts have become a key driving force behind the digitization and automation of transactions. Smart contracts greatly simplify and refine the traditional business transaction processes, and thus have had a profound impact on vario...

CVE-2024-4774

The ShmemCharMapHashEntry code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox 126...

Security Bulletin: IBM Cloud Pak for Data is vulnerable to denial of service due to Node.js http-cache-semantics module ( CVE-2022-25881 )

Summary Node.js http-cache-semantics module is used by IBM Cloud Pak for Data as part of the platform. CVE-2022-25881. Vulnerability Details CVEID:CVE-2022-25881 DESCRIPTION: Node.js http-cache-semantics module is vulnerable to a denial of service, caused by a regular expression denial of service...

Security Bulletin: Vulnerability in Node.js http-cache-semantics affects IBM Cloud Pak System

Summary Vulnerability in Node.js http-cache-semantics affects IBM Cloud Pak SystemCVE-2022-25881. Vulnerability Details CVEID:CVE-2022-25881 DESCRIPTION: Node.js http-cache-semantics module is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw. By sendi...

DEBIAN-CVE-2023-52892

In phpseclib before 1.0.22, 2.x before 2.0.46, and 3.x before 3.0.33, some characters in Subject Alternative Name fields in TLS certificates are incorrectly allowed to have a special meaning in regular expressions such as a + wildcard, leading to name confusion in X.509 certificate host...

Tornado has a CRLF injection in CurlAsyncHTTPClient headers

Summary Tornado’s curlhttpclient.CurlAsyncHTTPClient class is vulnerable to CRLF carriage return/line feed injection in the request headers. Details When an HTTP request is sent using CurlAsyncHTTPClient, Tornado does not reject carriage return \r or line feed \n characters in the request headers...

SUSE CVE-2021-46921

In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fix ordering in queuedwritelockslowpath While this code is executed with the waitlock held, a reader can acquire the lock without holding waitlock. The writer side loops checking the value with the...

SUSE CVE-2024-4774

The ShmemCharMapHashEntry code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox 126...

Potentially Undefined Behavior

firefox is vulnerable to potentially undefined behavior. The vulnerability is due to bypassing move semantics, leading to undefined behavior, which attackers can exploit to cause unexpected crashes or execute arbitrary code...

CVE-2024-4774

The ShmemCharMapHashEntry code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox 126...

CVE-2024-4774

The ShmemCharMapHashEntry code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox 126...

CVE-2024-4774

The ShmemCharMapHashEntry code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox 126...

UBUNTU-CVE-2024-4774

The ShmemCharMapHashEntry code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox 126...

CVE-2024-4774

CVE-2024-4774 affects Mozilla Firefox earlier than 126.0. The issue is in ShmemCharMapHashEntry(), where move semantics for one data member can bypass proper move, causing potentially undefined behavior. Documents corroborate Firefox

CVE-2024-4774

The ShmemCharMapHashEntry code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox 126...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security bypass vulnerability exists in Mozilla Firefox, which can be exploited by an attacker to bypass security restrictions by bypassing the move semantics of one of the data members...

[SECURITY] Fedora 39 Update: ghc-toml-parser-1.3.2.0-29.fc39

TOML parser using generated lexers and parsers with careful attention to the TOML 1.0.0 semantics for defining tables...

[SECURITY] Fedora 40 Update: ghc-toml-parser-1.3.2.0-29.fc40

TOML parser using generated lexers and parsers with careful attention to the TOML 1.0.0 semantics for defining tables...

EulerOS 2.0 SP11 : proftpd (EulerOS-SA-2024-1222)

According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...