15 matches found
CVE-2026-3298
The method "sock_recvfrom_into" of "asyncio.ProactorEventLoop" (Windows only) was missing a boundary check for the data buffer when using the nbytes parameter. This allowed for an out-of-bounds buffer write if data was larger than the buffer size. Non-Windows platforms are not affected...
GHSA-W853-JP5J-5J7F filelock has a TOCTOU race condition which allows symlink attacks during lock file creation
Impact: A Time-of-Check-Time-of-Use (TOCTOU) race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation where filelock checks if a file exists before opening it with O_TRUNC. An attack...
CVE-2025-68146
filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use (TOCTOU) race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation...
CVE-2024-47118
The CVE-2024-47118 entry concerns IBM Db2 (and Db2 Connect Server) on Linux/Unix/Windows susceptible to a denial of service where a server may crash under certain conditions from a specially crafted query. The IBM-connected bulletin details the vulnerability under CWE-121 (Stack-based Buffer Over...
EUVD-2012-4087
Malware in sbrugna...
CVE-2024-43394
Server-Side Request Forgery (SSRF) in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via mod_rewrite or apache expressions that pass unvalidated request input. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.63. Note: The Apache HTTP Server...
PT-2025-23987
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns the behavior of os.OpenFile when the target path is a dangling symlink. On Unix systems, os.OpenFile with O_CREATE and O_EXCL flags never follows symlinks. However, on...
[SECURITY] Fedora 42 Update: mingw-python-flask-3.1.1-1.fc42
MinGW Windows Python flask...
CVE-2012-4145
Unspecified vulnerability in Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, has unknown impact and attack vectors, related to a "low severity issue."...
DEBIAN-CVE-2021-27351
The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session...
UBUNTU-CVE-2021-27351
The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session...
[Capstone] Ultimate Disassembly Framework
Capstone is a lightweight multi-platform, multi-architecture disassembly framework. Our target is to make Capstone the ultimate disassembly engine for binary analysis and reversing in the security community. Features: Support hardware architectures: ARM, ARM64 (aka ARMv8), Mips & X86 more details...
Cross site scripting
Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, does not properly escape characters in DOM elements, which makes it easier for remote attackers to bypass cross-site scripting (XSS) protection mechanisms via a crafted HTML document...
CVE-2011-3243
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5 and Safari before 5.1.1, allows remote attackers to inject arbitrary web script or HTML via vectors involving inactive DOM windows...
ZH2003-11SA.txt
ZH2003-11SA security advisory: Elite News Ver. 1.0.0.0-1.0.0.3 Beta Published: 16/07/2003 Released: 16/07/2003 Name: Elite News Affected Systems: All versions Severity: High Platforms: Windows and Unix Issue: Security holes enable attackers to take administrative control Original Advisory:...