254 matches found
CVE-2026-24003 EvseV2G has sequence state validation bypass
EVerest is an EV charging software stack. In versions up to and including 2025.12.1, it is possible to bypass the sequence state verification including authentication, and send requests that transition to forbidden states relative to the current one, thereby updating the current context with...
curl: Infinite loop issue in the state machine of the curl project
Summary: Vulnerability impact: When curl attempts to download files from a malicious FTP server, it triggers an infinite loop in the code execution. I discovered this issue in the FTP functionality of the curl project .As described in...
net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY
...
[SECURITY] Fedora 42 Update: qt5-qtscxml-5.15.18-1.fc42
The Qt SCXML module provides functionality to create state machines from SCXM L files. This includes both dynamically creating state machines loading the SCXML file and instantiating states and transitions and generating a C++ file that has a class implementing the state machine. It also contains...
CVE-2025-40061 RDMA/rxe: Fix race in do_task() when draining
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix race in dotask when draining When dotask exhausts its iteration budget !ret, it sets the state to TASKSTATEIDLE to reschedule, without a secondary check on the current task-state. This can overwrite the...
EUVD-2017-3891
Malware in sbrugna...
EUVD-2015-2811
Malware in sbrugna...
RLSA-2025:12187 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Large branch table could lead to truncated instruction CVE-2025-8028 firefox: thunderbird: Memory safety bugs CVE-2025-8035 firefox: thunderbird: Incorrect URL stripping in CSP reports CVE-2025-80...
EUVD-2025-15839
Malicious code in bioql PyPI...
EUVD-2023-2573
Malicious code in bioql PyPI...
EUVD-2025-19417
Malicious code in bioql PyPI...
EUVD-2023-24749
Malicious code in bioql PyPI...
EUVD-2024-27817
Malicious code in bioql PyPI...
RLSA-2025:12188 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Large branch table could lead to truncated instruction CVE-2025-8028 firefox: thunderbird: Memory safety bugs CVE-2025-8035 firefox: thunderbird: Incorrect URL stripping in CSP reports CVE-2025-80...
thunderbird security update
An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...
RLSA-2025:13676 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Large branch table could lead to truncated instruction CVE-2025-8028 firefox: thunderbird: Memory safety bugs CVE-2025-8035 firefox: thunderbird: Incorrect URL stripping in CSP reports CVE-2025-80...
CVE-2025-38699 scsi: bfa: Double-free fix
In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Double-free fix When the bfadimprobe function fails during initialization, the memory pointed to by bfad-im is freed without setting bfad-im to NULL. Subsequently, during driver uninstallation, when the state machine...
OSV-2025-657 Heap-use-after-free in ftp_pp_statemachine
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=439473053 Crash type: Heap-use-after-free READ 8 Crash state: ftpppstatemachine ftpdoing multirunsingle...
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Large branch table could lead to truncated instruction CVE-2025-8028 firefox: thunderbird: Memory safety bugs CVE-2025-8035 firefox: thunderbird: Incorrect URL stripping in CSP reports CVE-2025-80...
firefox: thunderbird: Incorrect JavaScript state machine for generators
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The JavaScript engine did not handle closed generators correctly, and it was possible to resume them, resulting in a nullptr dereference...