16 matches found
MAL-2026-4406 Malicious code in @mcpassure/mcp-anvisa-bulario (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e846cabb7b5077244737d7a465e944ebe7635db46cc55e7e5736eeda47d30938 dist/bootstrap.js references a hardcoded URL on pub-046c52795b9445cd9f5cc5cb21b9d59f.r2.dev — an anonymous Cloudflare R2 bucket — and calls fetch...
osbuild-composer security update
149-4.0.1 - Add missing dependency over dracut-config-rescue for image-installer ORABUG: 38587453 - Switch to UEKR8 repositories for OL9.6 Orabug: 37962207 - Add support to create OpenScap images JIRA: OLDIS-35301 - Simplify repository names JIRA: OLDIS-35893 - Refactor patches to fix some naming...
GHSA-H238-5MWF-8XW8 lakeFS affected by unauthenticated access to API usage metrics
Impact Missing authentication in the /api/v1/usage-report/summary endpoint allows anyone to retrieve aggregate API usage counts. While no sensitive data is disclosed, the endpoint may reveal information about service activity or uptime. Patches Upgrade to v1.70.1 Workarounds Any ONE of these is...
CVE-2025-49013 WilderForge vulnerable to code Injection via GitHub Actions Workflows
WilderForge is a Wildermyth coremodding API. A critical vulnerability has been identified in multiple projects across the WilderForge organization. The issue arises from unsafe usage of $ github.event.review.body and other user controlled variables directly inside shell script contexts in GitHub...
Rayder - A Lightweight Tool For Orchestrating And Organizing Your Bug Hunting Recon / Pentesting Command-Line Workflows
Rayder is a command-line tool designed to simplify the orchestration and execution of workflows. It allows you to define a series of modules in a YAML file, each consisting of commands to be executed. Rayder helps you automate complex processes, making it easy to streamline repetitive modules and...
Low: Red Hat Security Advisory: qt5-qtsvg security update
An update for qt5-qtsvg is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
ALSA-2023:6961 Low: qt5-qtsvg security update
Scalable Vector Graphics SVG is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and displaying SVG drawings in widgets and on other paint devices. Security Fixes: qt: Uninitialized variable usage in munitsPerEm CVE-2023-32573 For more detail...
Moderate: Red Hat Security Advisory: qt5 security and bug fix update
An update for the qt5 stack is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
ALSA-2023:6369 Moderate: qt5 security and bug fix update
Qt is a software toolkit for developing applications. Security Fixes: qt: buffer over-read via a crafted reply from a DNS server CVE-2023-33285 qt: allows remote attacker to bypass security restrictions caused by flaw in certificate validation CVE-2023-34410 qtbase: buffer overflow in...
Libwebp Uninitialized Variable Usage Vulnerability
Libwebp is a WebP image format encoding and decoding library . A security vulnerability exists in versions of Libwebp prior to 1.0.1. The vulnerability stems from the use of a single variable in the ReadSymbol function. An attacker could exploit the vulnerability to threaten data confidentiality...
CVE-2020-6078
An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages in mdnsrecv, the return value of the mdnsreadheader function is not checked, leading to an uninitialized variable usage that eventually results in ...
CVE-2020-6078
An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages in mdnsrecv, the return value of the mdnsreadheader function is not checked, leading to an uninitialized variable usage that eventually results in ...
Enhanced API Scanning with Postman Support in Qualys WAS
Due to the fast-growing usage of REST APIs, having a way to test them for vulnerabilities in an automated, reliable way is more important than ever. Automated testing of APIs is a little trickier than for web applications. You can't simply enter a starting URL for the scanner and click "Go"...
CentOS Update for libvirt CESA-2013:0831 centos6
Check for the Version of libvirt OpenVAS Vulnerability Test CentOS Update for libvirt CESA-2013:0831 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
Fedora 18 : viewvc-1.1.17-2.fc18 (2012-16646)
Patch CVE-2012-4533. Version 1.1.16 - security fix: escape 'extra' diff info to avoid XSS attack issue 515 - add 'binarymimetypes' configuration option and handling issue 510 - fix 'select for diffs' persistence across log pages issue 512 - remove lock status and filesize check on directories in...
ezDatabase20.txt
ezDatabase 2.0 and below ezDatabase 2.0 and below ========================================= www.ezdatabase.org "ezDatabase is the foundation for your online databases. It is a powerful web based application that allows even non-technical users to create online databases for their website...