6578 matches found
qt5-webengine -- Use after free in Compositing
Qt qtwebengine-chromium repo reports: Backports for 1 security bug in Chromium: CVE-2024-12694: Use after free in Compositing...
PostgreSQL -- PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation
The PostgreSQL Project reports: Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral, PQescapeIdentifier, PQescapeString, and PQescapeStringConn allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection...
chromium -- multiple security fixes
Chrome Releases reports: This update includes 4 security fixes: 391907159 High CVE-2025-0995: Use after free in V8. Reported by Popax21 on 2025-01-24 391788835 High CVE-2025-0996: Inappropriate implementation in Browser UI. Reported by yuki yamaoto on 2025-01-23 391666328 High CVE-2025-0997: Use...
Gitlab -- Vulnerabilities
Gitlab reports: A CSP-bypass XSS in merge-request page Denial of Service due to Unbounded Symbol Creation Exfiltrate content from private issues using Prompt Injection A custom permission may allow overriding Repository settings Internal HTTP header leak via route confusion in workhorse SSRF via...
Emacs -- Arbitrary code execution vulnerability
Problem Description A shell injection vulnerability exists in GNU Emacs due to improper handling of custom man URI schemes. Impact Initially considered low severity, as it required user interaction with local files, it was later discovered that an attacker could exploit this vulnerability by...
OpenSSL -- Man-in-the-Middle vulnerability
The OpenSSL project reports: RFC7250 handshakes with unauthenticated servers don't abort as expected High. Clients using RFC7250 Raw Public Keys RPKs to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSLVERIFYPEE...
vscode -- multiple vulnerabilities
VSCode developers report: The update addresses these issues, including a fix for a security vulnerability. Scope nodemodule binary resolution in js-debug Elevation of Privilege Vulnerability with VS Code server for web UI...
Intel CPUs -- multiple vulnerabilities
Intel reports: A potential security vulnerability in some Intel Processors may allow denial of service. Intel released microcode updates to mitigate this potential vulnerability. A potential security vulnerability in some Intel Software Guard Extensions Intel SGX Platforms may allow denial of...
nginx-devel -- SSL session reuse vulnerability
The nginx development team reports: This update fixes the SSL session reuse vulnerability...
mozilla -- multiple vulnerabilities
[email protected] reports: Memory safety bugs present in Firefox 134 and Thunderbird 134. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. The fullscreen notification is prematurely...
chromium -- multiple security fixes
Chrome Releases reports: This update includes 12 security fixes: 390889644 High CVE-2025-0444: Use after free in Skia. Reported by Francisco Alonso @revskills on 2025-01-19 392521083 High CVE-2025-0445: Use after free in V8. Reported by 303f06e3 on 2025-01-27 40061026 Medium CVE-2025-0451:...
mozilla -- multiple vulnerabilities
[email protected] reports: A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution. A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have...
MariaDB -- DoS vulnerability in InnoDB
MariaDB reports: Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash complete DOS of MySQL...
mozilla -- multiple vulnerabilities
[email protected] reports: An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. A race during concurrent...
Thundirbird -- unprivileged JavaScript code execution
[email protected] reports: The Thunderbird Address Book URI fields contained unsanitized links. This could be used by an attacker to create and export an address book containing a malicious payload in a field. For example, in the Other field of the Instant Messaging section. If another user...
cacti -- Multiple vulnerabilities
Cacti repo reports: security GHSA-c5j8-jxj3-hh36: Authenticated RCE via multi-line SNMP responses security GHSA-f9c7-7rc3-574c: SQL Injection vulnerability when using tree rules through Automation API security GHSA-fh3x-69rr-qqpp: SQL Injection vulnerability when request automation devices securi...
FreeBSD -- Unprivileged access to system files
Problem Description: When etcupdate encounters conflicts while merging files, it saves a version containing conflict markers in /var/db/etcupdate/conflicts. This version does not preserve the mode of the input file, and is world-readable. This applies to files that would normally have restricted...
postorius -- XSS
NIST reports: Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held messages pop-up, as exploited in the wild in May 2026...
FreeBSD -- Uninitialized kernel memory disclosure via ktrace(2)
Problem Description: In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied, even when it is shorter than the full size. This can result in up to 14...
FreeBSD -- Buffer overflow in some filesystems via NFS
Problem Description: In order to export a file system via NFS, the file system must define a file system identifier FID for all exported files. Each FreeBSD file system implements operations to translate between FIDs and vnodes, the kernel's in-memory representation of files. These operations are...
FreeBSD -- OpenSSH Keystroke Obfuscation Bypass
Problem Description: A logic error in the ssh1 ObscureKeystrokeTiming feature on by default rendered this feature ineffective. Impact: A passive observer could detect which network packets contain real keystrokes, and infer the specific characters being transmitted from packet timing...
Vaultwarden -- Multiple vulnerabilities
The Vaultwarden project reports: RCE in the admin panel. Getting access to the Admin Panel via CSRF. Escalation of privilege via variable confusion in OrgHeaders trait...
electron32 -- multiple vulnerabilities
Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2024-12693. Security: backported fix for CVE-2024-12694. Security: backported fix for CVE-2024-12695. Security: backported fix for CVE-2025-0434. Security: backported fix for CVE-2025-043...
chromium -- multiple security fixes
Chrome Releases reports: This update includes 3 security fixes: 386143468 High CVE-2025-0611: Object corruption in V8. Reported by 303f06e3 on 2024-12-26 385155406 High CVE-2025-0612: Out of bounds memory access in V8. Reported by Alan Goodman on 2024-12-20...
Gitlab -- Vulnerabilities
Gitlab reports: Stored XSS via Asciidoctor render Developer could exfiltrate protected CI/CD variables via CI lint Cyclic reference of epics leads resource exhaustion...
electron33 -- multiple vulnerabilities
Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2025-0434. Security: backported fix for CVE-2025-0436. Security: backported fix for CVE-2025-0437...
clamav -- Possbile denial-of-service vulnerability
The ClamAV project reports: A possible buffer overflow read bug is found in the OLE2 file parser that could cause a denial-of-service DoS condition...
py-mysql-connector-python -- Vulnerability in the MySQL Connectors product of Oracle MySQL
Oracle reports: Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/Python. Supported versions that are affected are 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
chromium -- multiple security fixes
Chrome Releases reports: This update includes 2 security fixes: 384844003 Medium CVE-2025-0762: Use after free in DevTools. Reported by Sakana.S on 2024-12-18...
dendrite -- Server-side request forgery vulnerability
Dendrite team reports: This is a security release, gomatrixserverlib was vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions...
rsync -- Multiple security fixes
rsync reports: This update includes multiple security fixes: CVE-2024-12084: Heap Buffer Overflow in Checksum Parsing CVE-2024-12085: Info Leak via uninitialized Stack contents defeats ASLR CVE-2024-12086: Server leaks arbitrary client files CVE-2024-12087: Server can make client write files...
oauth2-proxy -- Non-linear parsing of case-insensitive content
Golang reports: This update include security fixes: CVE-2024-45338: Non-linear parsing of case-insensitive content...
chromium -- multiple security fixes
Chrome Releases reports: This update includes 16 security fixes: 374627491 High CVE-2025-0434: Out of bounds memory access in V8. Reported by ddme on 2024-10-21 379652406 High CVE-2025-0435: Inappropriate implementation in Navigation. Reported by Alesandro Ortiz on 2024-11-18 382786791 High...
electron31 -- multiple vulnerabilities
Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2024-12053. Security: backported fix for CVE-2024-12693. Security: backported fix for CVE-2024-12694...
keycloak -- Multiple security fixes
Keycloak reports: This update includes 2 security fixes: CVE-2024-11734: Unrestricted admin use of system and environment variables CVE-2024-11736: Denial of Service in Keycloak Server via Security Headers...
fcgi -- Heap-based buffer overflow via crafted nameLen/valueLen in ReadParams
[email protected] reports: FastCGI fcgi2 aka fcgi 2.x through 2.4.4 has an integer overflow and resultant heap-based buffer overflow via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c...
qt6-webengine -- Multiple vulnerabilities
Qt qtwebengine-chromium repo reports: Backports for 9 security bugs in Chromium: CVE-2024-12693: Out of bounds memory access in V8 CVE-2024-12694: Use after free in Compositing CVE-2025-0436: Integer overflow in Skia CVE-2025-0437: Out of bounds read in Metrics CVE-2025-0438: Stack buffer overflo...
Gitlab -- Vulnerabilities
Gitlab reports: Possible access token exposure in GitLab logs Cyclic reference of epics leads resource exhaustion Unauthorized user can manipulate status of issues in public projects Instance SAML does not respect externalprovider configuration...
Mozilla -- Memory safety bugs
[email protected] reports: Memory safety bugs present in Firefox 133 and Thunderbird 133. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...
Mozilla -- use-after-free while parsing JSON
[email protected] reports: Parsing a JavaScript module as JSON could, under some circumstances, cause cross-compartment access, which may result in a use-after-free...
firefox -- authentication bypass
[email protected] reports: Under certain circumstances, a user opt-in setting that Focus should require authentication before use could have been be bypassed...
Mozilla -- redirection to insecure site
[email protected] reports: When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site...
Mozilla -- privilege escalation attack
[email protected] reports: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks...
go -- multiple vulnerabilities
The Go project reports: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. net/http: sensitive headers incorrectly sent after...
Mozilla -- DoS via segmentation fault
[email protected] reports: When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash...
Mozilla -- Memory safety bugs
[email protected] reports: Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...
Mozilla -- use-after-free after failed memory allocation
[email protected] reports: Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash...
Mozilla -- Memory corruption bug
[email protected] reports: Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...
redis,valkey -- Denial-of-service valnerability due to malformed ACL selectors
Redis core team reports: An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service.The problem exists in Redis 7.0.0 or newer...
redis,valkey -- Remote code execution valnerability
Redis core team reports: An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting...