EUVD-2017-5615

Malware in sbrugna...

EUVD-2020-22019

Malware in sbrugna...

Microsoft Word Remote Code Execution Vulnerability

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally...

Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

CVE-2025-1931

It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

PT-2025-4122

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 135 Firefox ESR versions prior to 115.20 Firefox ESR versions prior to 128.7 Thunderbird versions prior to 128.7 Thunderbird versions prior to 135 Description An attacker could have caused a use-after-free via crafted...

BIT-NODE-MIN-2021-22930

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior...

BIT-NODE-2021-22930

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior...

Google Chrome < 118.0.5993.117 Vulnerability

The version of Google Chrome installed on the remote macOS host is prior to 118.0.5993.117. It is, therefore, affected by a vulnerability as referenced in the 202310stable-channel-update-for-desktop24 advisory. - Use after free in Profiles in Google Chrome prior to 118.0.5993.117 allowed a remote...

Design/Logic Flaw

Bunkum is an open-source protocol-agnostic request server for custom game servers. First, a little bit of background. So, in the beginning, Bunkum's AuthenticationService only supported injecting IUsers. However, as Refresh and SoundShapesServer implemented permissions systems support for injecti...

PT-2023-33224 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.83 Description: The issue is related to a possible use-after-free in the memcg write event control function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...

Debian dla-3137 : libnode-dev - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3137 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3137-1 [email protected]...

NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2022-0074)

The remote NewStart CGSL host, running version MAIN 6.02, has kernel packages installed that are affected by multiple vulnerabilities: - In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering u...

AlmaLinux 8 : kernel (ALSA-2021:0558)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:0558 advisory. - A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor...

CVE-2021-4173

A flaw was found in vim. A possible use after free vulnerability could allow an attacker to input a specially crafted file leading to a crash or code execution...

Memory corruption

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior...

SUSE SLES12 Security Update : nodejs12 (SUSE-SU-2021:2824-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2824-1 advisory. - Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory...

SUSE SLES12 Security Update : nodejs10 (SUSE-SU-2021:2823-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2823-1 advisory. - Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory...

SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2021:2790-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2790-1 advisory. - Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory...

August 2021 Security Releases

August 2021 Security Releases Update 11-Aug-2021 Security releases available Updates are now available for v16.x, v14.x, and v12.x Node.js release lines for the following issues. cares upgrade - Improper handling of untypical characters in domain names High CVE-2021-22931 Node.js was vulnerable t...