EulerOS 2.0 SP11 : python3 (EulerOS-SA-2025-2469)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself ...

EulerOS 2.0 SP13 : python3 (EulerOS-SA-2025-2508)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself ...

EUVD-2025-201407

NULL pointer dereference in TagSection.keys in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service process crash via a crafted deb822 file with a malformed non-UTF-8 key...

CVE-2025-6966 Null-pointer dereference in python-apt TagSection.keys()

NULL pointer dereference in TagSection.keys in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service process crash via a crafted deb822 file with a malformed non-UTF-8 key...

CVE-2025-6966 Null-pointer dereference in python-apt TagSection.keys()

NULL pointer dereference in TagSection.keys in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service process crash via a crafted deb822 file with a malformed non-UTF-8 key...

CVE-2025-6966

CVE-2025-6966 is a vulnerability in Python-apt on APT-based Linux systems caused by a NULL pointer dereference in TagSection.keys() when processing deb822 files with malformed non-UTF-8 keys. It can lead to a local denial of service (process crash). The issue is reported across multiple distribut...

Exploit for CVE-2025-55182

Verification shell nuclei -l urls...

[SECURITY] Fedora 42 Update: timg-1.6.3-5.fc42

A user-friendly terminal image viewer that uses graphic capabilities of terminals Sixel, Kitty or iTerm2, or 24-bit color capabilities and Unicode character blocks if these are not available. On terminals that implement the Sixel protocol, the Kitty Graphics Protocol, or the iTerm2 Graphics...

[SECURITY] Fedora 43 Update: timg-1.6.3-5.fc43

A user-friendly terminal image viewer that uses graphic capabilities of terminals Sixel, Kitty or iTerm2, or 24-bit color capabilities and Unicode character blocks if these are not available. On terminals that implement the Sixel protocol, the Kitty Graphics Protocol, or the iTerm2 Graphics...

[SECURITY] Fedora 43 Update: sigil-2.6.2-3.fc43

Sigil is a multi-platform WYSIWYG ebook editor. It is designed to edit books in ePub format. Now what does it have to offer... Full Unicode support: everything you see in Sigil is in UTF-16 Full EPUB spec support WYSIWYG editing Multiple Views: Book View, Code View and Split View Metadata editor...

HTML Injection

mailgen is vulnerable to HTML injection. The vulnerability is due to improper stripping of HTML tags in the generatePlaintext method when Unicode line-separator characters bypass the regex filter, which allows an attacker to inject unexpected HTML that can be interpreted as executable script...

openSUSE 16 Security Update : dovecot24 (openSUSE-SU-2025-20113-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2025-20113-1 advisory. - Update dovecot to 2.4.2: - CVE-2025-30189: Fixed users cached with same cache key when auth cache was enabled bsc1252839 - Changes - auth: Remove...

CVE-2025-12758

Versions of the package validator before 13.15.22 are vulnerable to Incomplete Filtering of One or More Instances of Special Elements in the isLength function that does not take into account Unicode variation selectors \uFE0F, \uFE0E appearing in a sequence which lead to improper string length...

SUSE-SU-2025:21159-1 Security update for dovecot24

This update for dovecot24 fixes the following issues: - Update dovecot to 2.4.2: - CVE-2025-30189: Fixed users cached with same cache key when auth cache was enabled bsc1252839 - Changes - auth: Remove proxyalways field. - config: Change settings history parsing to use python3. - doveadm: Print...

OPENSUSE-SU-2025-20113-1 Security update for dovecot24

This update for dovecot24 fixes the following issues: - Update dovecot to 2.4.2: - CVE-2025-30189: Fixed users cached with same cache key when auth cache was enabled bsc1252839 - Changes - auth: Remove proxyalways field. - config: Change settings history parsing to use python3. - doveadm: Print...

GHSA-VGHF-HV5Q-VC2G Validator is Vulnerable to Incomplete Filtering of One or More Instances of Special Elements

Versions of the package validator before 13.15.22 are vulnerable to Incomplete Filtering of One or More Instances of Special Elements in the isLength function that does not take into account Unicode variation selectors \uFE0F, \uFE0E appearing in a sequence which lead to improper string length...

Validator is Vulnerable to Incomplete Filtering of One or More Instances of Special Elements

Versions of the package validator before 13.15.22 are vulnerable to Incomplete Filtering of One or More Instances of Special Elements in the isLength function that does not take into account Unicode variation selectors \uFE0F, \uFE0E appearing in a sequence which lead to improper string length...

CVE-2025-12758

Versions of the package validator before 13.15.22 are vulnerable to Incomplete Filtering of One or More Instances of Special Elements in the isLength function that does not take into account Unicode variation selectors \uFE0F, \uFE0E appearing in a sequence which lead to improper string length...

CVE-2025-12758

Versions of the package validator before 13.15.22 are vulnerable to Incomplete Filtering of One or More Instances of Special Elements in the isLength function that does not take into account Unicode variation selectors \uFE0F, \uFE0E appearing in a sequence which lead to improper string length...

CVE-2025-12758

CVE-2025-12758—Validator.js isLength() Unicode variation selector bypass . Multiple IBM advisories reference affected product lines (e.g., IBM App Connect Enterprise, QRadar) where validator versions earlier than 13.15.22 are vulnerable due to incomplete filtering of Unicode variation selectors i...