23 matches found
CVE-2021-2341 vulnerabilities
Vulnerabilities for packages: openjdk...
CVE-2025-38444
In the Linux kernel, the following vulnerability has been resolved: raid10: cleanup memleak at raid10makerequest If raid10readrequest or raid10writerequest registers a new request and the REQNOWAIT flag is set, the code does not free the malloc from the mempool. unreferenced object...
GHSA-GHFM-8RWR-P3HR vulnerabilities
Vulnerabilities for packages: ceph...
GHSA-XWMG-2G98-W7V9 vulnerabilities
Vulnerabilities for packages: elasticsearch, spark, akhq, tez, camunda-zeebe, dependency-track, flyway, nacos-docker, apache-nifi-registry, apache-nifi, hadoop-client-modules, nacos, druid, wildfly, apicurio-registry...
CVE-2025-5473
GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...
GHSA-CM76-QM8V-3J95 vulnerabilities
Vulnerabilities for packages: docker-compose, neuvector, neuvector-fips, neuvector-scanner, docker-compose-fips...
GHSA-9H6J-4FFX-CM84 vulnerabilities
Vulnerabilities for packages: mattermost-fips...
GHSA-PMC3-P9HX-JQ96 vulnerabilities
Vulnerabilities for packages: nuclei...
GHSA-5W6V-399V-W3CC vulnerabilities
Vulnerabilities for packages: ruby3.4-rails...
GHSA-MFVV-MGF6-Q25R vulnerabilities
Vulnerabilities for packages: cilium-fips, cilium...
CVE-2025-22027
In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between device disconnection and urb callback Syzkaller has reported a general protection fault at function irraweventstorewithfilter. This crash is caused by a NULL pointer dereference of dev-raw...
GHSA-P5HW-4FXJ-G4X6 vulnerabilities
Vulnerabilities for packages: firefox...
GHSA-3M87-5598-2V4F vulnerabilities
Vulnerabilities for packages: prometheus, istio-fips, node-problem-detector-fips, grafana...
GHSA-FJPJ-2G6W-X25R vulnerabilities
Vulnerabilities for packages: druid...
CVE-2025-1734
In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when receiving headers from HTTP server, the headers missing a colon : are treated as valid headers even though they are not. This may confuse applications into accepting invalid headers...
CVE-2022-49476
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel crash at mt7921pciremove The crash log shown it is possible that mt7921irqhandler is called while devmfreeirq is being handled so mt76freedevice need to be postponed until devmfreeirq is completed to solv...
GHSA-H288-5FQ8-5PFW vulnerabilities
Vulnerabilities for packages: curl...
GHSA-67MH-4WV8-2F99 vulnerabilities
Vulnerabilities for packages: argo-workflows, vitess, vite...
GHSA-V725-9546-7Q7M vulnerabilities
Vulnerabilities for packages: scorecard, timoni, chezmoi, osv-scanner, kargo, go-licenses, trivy, flux-source-controller, kubevela, kots, skaffold, guac, argo-workflows, apko, kaniko, pulumi, wolfictl, grafana-alloy, gptscript, flux-kustomize-controller, pulumi-language-java, tfsec, goreleaser,...
CVE-2024-53867
Synapse is an open-source Matrix homeserver. The Sliding Sync feature on Synapse versions between 1.113.0rc1 and 1.120.0 can leak partial room state changes to users no longer in a room. Non-state events, like messages, are unaffected. This vulnerability is fixed in 1.120.1...