CVE-2022-31135

Akashi is an open source server implementation of the Attorney Online video game based on the Ace Attorney universe. Affected versions of Akashi are subject to a denial of service attack. An attacker can use a specially crafted evidence packet to make an illegal modification, causing a server...

CVE-2024-52006

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. Git defines a line-based protocol that is used to exchange information between Git and Git credential helpers. Some ecosystems mos...

After on-prem NetScaler Console (formerly ADM) upgraded to 14.1-21.60 VIP Licenses reduced warning

Duringupgrade from on-prem NetScaler Console formerly ADM version 13.0/13.1 to build 14.1-21.60 below warning is showed: Warning Text: Default NetScaler Console VIP Licenses will be reduced to 2 after the upgrade After upgrade from on-prem NetScaler Console formerly ADM version 13.0/13.1 to build...

CVE-2024-4435

CVE-2024-4435 concerns a memory leak in stable-structures’ BTreeMap when deallocating nodes that overflow, where only the first memory chunk is freed and subsequent chunks remain allocated. This can enable memory growth or exhaustion depending on how a canister uses the map. The issue has been fi...

CVE-2024-23823 CORS settings overly permissive in vantage6

vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. The vantage6 server has no restrictions on CORS settings. It should be possible for people to set the allowed origins of the server. The impa...

CVE-2023-41050 Information disclosure through Python's "format" functionality in Zope AccessControl

AccessControl provides a general security framework for use in Zope. Python's "format" functionality allows someone controlling the format string to "read" objects accessible recursively via attribute access and subscription from accessible objects. Those attribute accesses and subscriptions use...

[SECURITY] Fedora 11 Update: chmsee-1.0.1-15.fc11

A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, also is well localized. ...

RHEL 3 : squirrelmail (RHSA-2004:654)

An updated SquirrelMail package that fixes a cross-site scripting vulnerability is now available. SquirrelMail is a webmail package written in PHP. A cross-site scripting bug has been found in SquirrelMail. This issue could allow an attacker to send a mail with a carefully crafted header, which...