13340 matches found
UBUNTU-CVE-2020-37182
Redir 3.3 contains a stack overflow vulnerability in the doproxyconnect function that allows attackers to crash the application by sending oversized input. Attackers can exploit the sprintf buffer without proper length checking to overwrite memory and cause a segmentation fault, resulting in...
CVE-2025-69871
A race condition vulnerability exists in MedusaJS Medusa v2.12.2 and earlier in the registerUsage function of the promotion module. The function performs a non-atomic read-check-update operation when enforcing promotion usage limits. This allows unauthenticated remote attackers to bypass usage...
UBUNTU-CVE-2025-69871
A race condition vulnerability exists in MedusaJS Medusa v2.12.2 and earlier in the registerUsage function of the promotion module. The function performs a non-atomic read-check-update operation when enforcing promotion usage limits. This allows unauthenticated remote attackers to bypass usage...
Malicious Package
Overview express-gueues is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
RLSA-2026:2389 Important: brotli security update
Brotli is a generic-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the best currently available general-purpose compression methods. It...
[SECURITY] Fedora 42 Update: rust-dua-cli-2.32.2-3.fc42
A tool to conveniently learn about the disk usage of directories, fast!...
CVE-2025-69871
A race condition vulnerability exists in MedusaJS Medusa v2.12.2 and earlier in the registerUsage function of the promotion module. The function performs a non-atomic read-check-update operation when enforcing promotion usage limits. This allows unauthenticated remote attackers to bypass usage...
PT-2026-7570
An uncontrolled resource consumption vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: File Statio...
CVE-2025-69871
Summary: CVE-2025-69871 affects MedusaJS/Medusa v2.12.2 and earlier. The root cause is a race condition in the promotion module’s registerUsage() function, which performs a non-atomic read-check-update when enforcing usage limits. This can let unauthenticated remote attackers submit concurrent ch...
CVE-2025-69871
A race condition vulnerability exists in MedusaJS Medusa v2.12.2 and earlier in the registerUsage function of the promotion module. The function performs a non-atomic read-check-update operation when enforcing promotion usage limits. This allows unauthenticated remote attackers to bypass usage...
CVE-2025-69871
A race condition vulnerability exists in MedusaJS Medusa v2.12.2 and earlier in the registerUsage function of the promotion module. The function performs a non-atomic read-check-update operation when enforcing promotion usage limits. This allows unauthenticated remote attackers to bypass usage...
Medusa 安全漏洞
Medusa is an open-source video library manager for TV shows developed by pyMedusa. Versions of Medusa prior to 2.12.2 contained security vulnerabilities. These vulnerabilities stemmed from a race condition in the registerUsage function of the promotional module, which could allow unauthenticated...
PT-2026-7635
Name of the Vulnerable Software and Affected Versions MedusaJS versions prior to 2.12.2 Description A race condition exists in the registerUsage function within the promotion module. This function uses a non-atomic read-check-update process when managing promotion usage limits. This allows...
PT-2026-7671
AVideo Platform 8.1 contains a cross-site request forgery vulnerability that allows attackers to reset user passwords by exploiting the password recovery mechanism. Attackers can craft malicious requests to the recoverPass endpoint using the user's recovery token to change account credentials...
ROS-20260211-73-0001
A vulnerability in the mac.c component of the Linux operating system kernel is related to a flaw in the use of the assert function. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Malicious Package
Overview bignum is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Malicious Package
Overview graphsync is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Malicious Package
Overview graphlibx is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Malicious Package
Overview terminalcolor256 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
CVE-2026-1850
Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash...