92 matches found
CVE-2026-59857
Vim is an open source, command line text editor. Prior to 9.2.0725, the single-byte branch of spellsoundfoldsal in src/spell.c translates a word through a spell file's SAL sound-folding rules into a caller-owned result buffer, but its result writes are guarded with reslen MAXWLEN, allowing reslen...
[SECURITY] Fedora 43 Update: python-django-haystack-3.4.0-1.fc43
Haystack provides modular search for Django. It features a unified, familiar API that allows you to plug in different search backends such as Solr, Elasticsearch, Whoosh, Xapian, etc. without having to modify your code. Haystack is BSD licensed, plays nicely with third-party app without needing t...
[SECURITY] Fedora 44 Update: python-django-haystack-3.4.0-1.fc44
Haystack provides modular search for Django. It features a unified, familiar API that allows you to plug in different search backends such as Solr, Elasticsearch, Whoosh, Xapian, etc. without having to modify your code. Haystack is BSD licensed, plays nicely with third-party app without needing t...
CVE-2026-53028 usb: typec: Fix error pointer dereference
In the Linux kernel, the following vulnerability has been resolved: usb: typec: Fix error pointer dereference The variable tps-partner is checked for an error pointer and then if it is, it sends an error message but does not return and then immediately dereferenced a few lines below: tps-partner ...
Vim 安全漏洞
Vim is an open-source, cross-platform text editor developed by Vim developers. Versions of Vim prior to 9.2.0450 contained security vulnerabilities. These vulnerabilities were caused by a heap buffer overflow in the readcompound function, which could allow attackers to exploit a specially crafted...
Spelling Checker for Visual Studio Code 安全漏洞
Spelling Checker for Visual Studio Code is a simple source code spell checker developed by Street Side Software. Versions of Spelling Checker for Visual Studio Code prior to v4.5.4 contained a security vulnerability. This vulnerability stemmed from improper handling of trust flags, which could...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a spelling error in the frequency notifications. This vulnerability may lead to null pointer...
EUVD-2018-4546
Malware in sbrugna...
EUVD-2024-41433
Malicious code in bioql PyPI...
CVE-2024-45312
Overleaf is a web-based collaborative LaTeX editor. Overleaf Community Edition and Server Pro prior to version 5.0.7 or 4.2.7 for the 4.x series contain a vulnerability that allows an arbitrary language parameter in client spelling requests to be passed to the aspell executable running on the...
CVE-2021-32724
check-spelling is a github action which provides CI spell checking. In affected versions and for a repository with the check-spelling action enabled that triggers on pullrequesttarget or schedule, an attacker can send a crafted Pull Request that causes a GITHUBTOKEN to be exposed. With the...
CVE-2024-10473
The Logo Slider WordPress plugin before 4.5.0 does not sanitise and escape some of its Logo Settings when outputing them in pages where the Logo Slider shortcode is embed, which could allow users with a role as low as Author to perform Cross-Site Scripting attacks...
Acronis Cyber Files 安全漏洞
Acronis Cyber Files is a secure file synchronization and sharing solution from Acronis Switzerland. A security vulnerability exists in Acronis Cyber Files versions prior to 9.0.0x24, which stems from spelling hijacking that results in the disclosure of sensitive information...
CVE-2024-45312
Summary: CVE-2024-45312 affects Overleaf Community Edition and Server Pro before 5.0.7 (or 4.x before 4.2.7). The issue lets an arbitrary language parameter in client spelling requests reach the server’s aspell process, causing it to load a dictionary file with an arbitrary filename; access is li...
On the Voynich Manuscript
Really interesting article on the ancient-manuscript scholars who are applying their techniques to the Voynich Manuscript. No one has been able to understand the writing yet, but there are some new understandings: Davis presented her findings at the medieval-studies conference and published them ...
SUSE CVE-2024-26847
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: use correct function name for resetting TCE tables The PAPR spec spells the function name as "ibm,reset-pe-dma-windows" but in practice firmware uses the singular form: "ibm,reset-pe-dma-window" in the device tree...
DEBIAN-CVE-2024-26847
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: use correct function name for resetting TCE tables The PAPR spec spells the function name as "ibm,reset-pe-dma-windows" but in practice firmware uses the singular form: "ibm,reset-pe-dma-window" in the device tree...
PT-2024-7683 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.8.0-rc4 Description: The vulnerability is caused by the incorrect spelling of a function name in the RTAS function table, leading to failed reverse lookups and warnings. The PAPR spec spells the function name ...
The vulnerability of the NSSpellChecker spelling checking interface on operating systems such as Mac OS, tvOS, watchOS, iOS, and iPadOS allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the NSSpellChecker spelling checker interface on operating systems such as Mac OS, tvOS, watchOS, iOS, and iPadOS is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
Metasploit Weekly Wrap-Up 01/12/24
New module content 1 Windows Gather Mikrotik Winbox "Keep Password" Credentials Extractor Author: Pasquale 'sid' Fiorillo Type: Post Pull request: 18604 contributed by siddolo Path: windows/gather/credentials/winboxsettings Description: This pull request introduces a new post module to extract th...