EUVD-2025-9635

Malicious code in bioql PyPI...

FreeBSD : Yelp -- arbitrary file read (9449f018-84a3-490d-959f-38c05fbc77a7)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9449f018-84a3-490d-959f-38c05fbc77a7 advisory. [email protected] reports: A flaw was found in Yelp. The Gnome user help application allows the help...

Amazon Linux 2 : yelp (ALAS-2025-2862)

The version of yelp installed on the remote host is prior to 3.28.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2862 advisory. A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability...

[SECURITY] [DLA 4184-1] yelp security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4184-1 [email protected] https://www.debian.org/lts/security/ Lucas Kanashiro May 28, 2025 https://wiki.debian.org/LTS -...

CVE-2025-3155 Yelp: arbitrary file read

A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment...

CVE-2025-3155

A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment...

CVE-2025-3155

A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment...

Yelp -- arbitrary file read

[email protected] reports: A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment...

Yelp 安全漏洞

Yelp is a website by Yelp Inc. where users rate restaurants and other establishments. A security vulnerability exists in Yelp that originates in the Gnome User Help application that allows the help documentation to execute arbitrary scripts, potentially leading to the disclosure of user files...

Yelp -- arbitrary file read

[email protected] reports: A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment...

new packages: anaconda-user-help

An update is available for anaconda-user-help. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

ALBA-2020:4842 anaconda-user-help bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

anaconda-user-help bug fix and enhancement update

An update is available for anaconda-user-help. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

anaconda-user-help bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

OWASP Threat Dragon - Cross-Platform Threat Modeling Application

Threat Dragon is a free, open-source, cross-platform threat modeling application including system diagramming and a rule engine to auto-generate threats/mitigations. It is an OWASP Incubator Project. The focus of the project is on great UX, a powerful rule engine and integration with other...

CVE-2014-5110

Cross-site scripting XSS vulnerability in user/help/html/index.php in Fonality trixbox allows remote attackers to inject arbitrary web script or HTML via the idnodo parameter...

CVE-2014-5110

Cross-site scripting XSS vulnerability in user/help/html/index.php in Fonality trixbox allows remote attackers to inject arbitrary web script or HTML via the idnodo parameter...

Update Protection against Microsoft Internet Explorer Help Control (HHCtrl) Vulnerability

Microsoft Internet Explorer IE contains a heap overflow vulnerability. The vulnerability exists in a Microsoft ActiveX which supports all functions of the user help interface hhctrl.ocx. A remote attacker may trigger this flaw to deny service from legitimate users. By convincing a user to visit a...