EUVD-2026-17174

A flaw in Node.js HMAC verification uses a non-constant-time comparison when validating user-provided signatures, potentially leaking timing information proportional to the number of matching bytes. Under certain threat models where high-resolution timing measurements are possible, this behavior...

ALPINE-CVE-2026-21713

A flaw in Node.js HMAC verification uses a non-constant-time comparison when validating user-provided signatures, potentially leaking timing information proportional to the number of matching bytes. Under certain threat models where high-resolution timing measurements are possible, this behavior...

UBUNTU-CVE-2026-21713

A flaw in Node.js HMAC verification uses a non-constant-time comparison when validating user-provided signatures, potentially leaking timing information proportional to the number of matching bytes. Under certain threat models where high-resolution timing measurements are possible, this behavior...

Adobe Photoshop 缓冲区错误漏洞

Adobe Photoshop is a suite of image processing software from the American company Audobee Adobe. The software is primarily used for processing images. A buffer error vulnerability exists in Adobe Photoshop versions 24.x through 24.7.4 and 25.x through versions prior to 25.11, which stems from bei...

Docker AuthZ Plugin Bypass Vulnerability (GHSA-v23v-6jw2-98fq)

Docker is prone to an AuthZ plugin bypass vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:docker:docker";...

Fedoraproject Fedora SEoL (24.x)

According to its version, Fedoraproject Fedora is 24.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 ...

Nextcloud Server Multiple Vulnerabilities (GHSA-3f8p-6qww-2prr, GHSA-5j2p-q736-hw98)

Nextcloud Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nextcloud:nextcloudserver"...

Nextcloud Server 24.x < 24.0.9 Incorrect Authorization Vulnerability (GHSA-8v5c-f752-fgpv)

Nextcloud Server is prone to an incorrect authorization vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Photoshop 23.x < 23.5.4 / 24.x < 24.1.1 Multiple Vulnerabilities (macOS APSB23-11)

The version of Adobe Photoshop installed on the remote macOS or Mac OS X host is prior to 23.5.4/24.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb23-11 advisory. - Photoshop version 23.5.3 and earlier, 24.1 and earlier are affected by an out-of-bounds write...

Nextcloud Server < 22.2.9, 23.x < 23.0.6, 24.x < 24.0.2 Improper Initialization (GHSA-2vwh-5v93-3vcq)

Nextcloud Server is prone to an insufficient logging vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Mozilla Thunderbird 24.x < 24.8 Multiple Vulnerabilities (Mac OS X)

The version of Thunderbird 24.x installed on the remote Mac OS X host is a version prior to 24.8. It is, therefore, affected by the following vulnerabilities : - Multiple memory safety flaws exist within the browser engine. Exploiting these, an attacker can cause a denial of service or execute...

Mozilla Thunderbird 24.x < 24.8 Multiple Vulnerabilities

The version of Thunderbird 24.x installed on the remote host is a version prior to 24.8. It is, therefore, affected by the following vulnerabilities : - Multiple memory safety flaws exist within the browser engine. Exploiting these, an attacker can cause a denial of service or execute arbitrary...

Firefox ESR 24.x < 24.8 Multiple Vulnerabilities

The version of Firefox ESR 24.x installed on the remote host is prior to 24.8. It is, therefore, affected by the following vulnerabilities : - Multiple memory safety flaws exist within the browser engine. Exploiting these, an attacker can cause a denial of service or execute arbitrary code...

Mozilla Thunderbird clickjacking Vulnerability-01 (Jul 2014) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

Mozilla Firefox ESR Multiple Vulnerabilities-01 (May 2014) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

GNU Emacs: Multiple vulnerabilities

Background GNU Emacs is a highly extensible and customizable text editor. Description Multiple vulnerabilities have been discovered in GNU Emacs: When ‘global-ede-mode’ is enabled, EDE in Emacs automatically loads a Project.ede file from the project directory CVE-2012-0035. When...

Firefox ESR 24.x < 24.3 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox ESR 24.x is earlier than 24.3 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2014-1477 - An error exists related to...

Mozilla Thunderbird - WireTap Remote 0Day Vulnerability

Document Title: =============== Mozilla Thunderbird - WireTap Remote 0Day Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1182 View: http://www.youtube.com/watch?v=mqZ4eY2th0s Advisory: http://www.vulnerability-lab.com/getcontent.php?id=967 Release Date:...