907650 matches found
ASB-A-143230980
In queryInternal of CallLogProvider.java, there is a possible permission bypass due to improper input validation. This could lead to local information disclosure of voicemail metadata with User execution privileges needed. User interaction is not needed for exploitation...
GHSA-QJWC-V72V-FQ6R HTTP request smuggling in Undertow
A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS...
PYSEC-2021-137
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayala...
DLA-2653-1 libxml2 - security update
Bulletin has no description...
GHSA-79JW-6WG7-R9G4 Use of Potentially Dangerous Function in mixme
Impact In Node.js mixme v0.5.0, an attacker can add or alter properties of an object via 'proto' through the mutate and merge functions. The polluted attribute will be directly assigned to every object in the program. This will put the availability of the program at risk causing a potential denia...
RLSA-2020:4676 Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:Rocky Linux module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting wi...
CVE-2018-20699
Docker Engine before 18.09 allows attackers to cause a denial of service dockerd memory consumption via a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemonunix.go, pkg/parsers/parsers.go, and pkg/sysinfo/sysinfo.go...
CVE-2017-12617
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled e.g. via setting the readonly initialisation parameter of the Default servlet to false it was possible to upload a JSP file to the server via a specially crafted...
DLA-728-1 tomcat6 - security update
Bulletin has no description...
DSA-3237-1 linux - security update
Bulletin has no description...
DSA-2950-1 openssl - security update
Bulletin has no description...
DSA-2313-1 iceweasel - several
Bulletin has no description...
DSA-1871-2 wordpress - regression fix
Bulletin has no description...
DSA-1534-1 iceape
Bulletin has no description...
DSA-1120 mozilla-firefox - several vulnerabilities
Bulletin has no description...
DSA-288 openssl - several vulnerabilities
Bulletin has no description...
GHSA-XMPW-2VMM-P4P6 Malicious code in guardrails-ai 0.10.1 (supply chain compromise)
Impact On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of guardrails-ai 0.10.1 to PyPI. Affected: any user who installed guardrails-ai==0.10.1 from PyPI on May 11, 2026. Security researchers identified the malicious package within approximately 2 hours ...
MAL-2026-3435 Malicious code in @squawk/airport-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a12035131eafd29a07572751653f857706ac1b113fcbd498a70f54d96d5276cc The package @squawk/airport-data was found to contain malicious code. Source: ghsa-malware...
EEF-CVE-2026-43969 Cookie Request Header Injection via Unvalidated Encoder in cow_cookie:cookie/1
Summary Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in ninenines cowlib allows HTTP request splitting and cookie smuggling via unvalidated cookie name and value fields. cowcookie:cookie/1 in cowlib builds a client-side Cookie: request header from a list of name-value...
GHSA-8259-2X72-2GVC Eclipse Dataspace Components's ConsumerPullTransferTokenValidationApiController doesn't check for token validit
In Eclipse Dataspace Components, from version 0.5.0 and before version 0.9.0, the ConsumerPullTransferTokenValidationApiController does not check for token validity expiry, not-before, issuance date, which can allow an attacker to bypass the check for token expiration. The issue requires to have ...
OPENSUSE-SU-2024:0269-1 Security update for trivy
trivy was updated to fix the following issues: Update to version 0.54.1: fixflag: incorrect behavior for deprected flag --clear-cache backport: release/v0.54 7285 fixjava: Return error when trying to find a remote pom to avoid segfault backport: release/v0.54 7283 fixplugin: do not call GitHub...
GO-2022-0986 Netmaker vulnerable to Insufficient Granularity of Access Control in github.com/gravitl/netmaker
Netmaker vulnerable to Insufficient Granularity of Access Control in github.com/gravitl/netmaker...
RLSA-2024:1782 Important: bind and dhcp security update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. The Dynamic Hos...
CVE-2024-31033
JJWT aka Java JWT through 0.12.5 ignores certain characters and thus a user might falsely conclude that they have a strong key. The impacted code is the setSigningKey method within the DefaultJwtParser class and the signWith method within the DefaultJwtBuilder class. NOTE: the vendor disputes thi...
BIT-ELASTICSEARCH-2023-31418 Elasticsearch uncontrolled resource consumption
An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and...
ALSA-2024:1141 Moderate: mysql security update
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: InnoDB unspecified vulnerability CPU Apr 2023 CVE-2023-21911 mysql: Server: DDL unspecified vulnerability CPU Apr 2023...
CVE-2023-6267
A flaw was found in the json payload. If annotation based security is used to secure a REST resource, the JSON body that the resource may consume is being processed deserialized prior to the security constraints being evaluated and applied. This does not happen with configuration based security...
CVE-2023-5088
A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L1 vdiskL1...
BIT-2023-5561
The Popup Builder WordPress plugin through 4.1.15 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
GHSA-68XG-GQQM-VGJ8 Puma HTTP Request/Response Smuggling vulnerability
Impact Prior to version 6.3.1, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies and zero-length Content-Length headers in a way that allowed HTTP request smuggling. The following vulnerabilities are addressed by this advisory: Incorrect parsing of trailing fields in...
GO-2023-1733 Timing attack from non-constant time scalar arithmetic in github.com/bnb-chain/tss-lib
Timing attack from non-constant time scalar arithmetic in github.com/bnb-chain/tss-lib...
GHSA-4R6H-8V6P-XVW6 Prototype Pollution in sheetJS
All versions of SheetJS CE through 0.19.2 are vulnerable to "Prototype Pollution" when reading specially crafted files. Workflows that do not read arbitrary files for example, exporting data to spreadsheet files are unaffected. A non-vulnerable version cannot be found via npm, as the repository...
GHSA-GQ6W-Q6WH-JGGC PHAR deserialization allowing remote code execution
Description snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the fileexists function. If an attacker can upload files of any type to the server he can pass in the phar:// protocol to unserialize the uploaded file and instantiate arbitra...
CVE-2023-27483 fieldpath's Paved.SetValue allows growing arrays up to arbitrary sizes in crossplane-runtime
crossplane-runtime is a set of go libraries used to build Kubernetes controllers in Crossplane and its related stacks. An out of memory panic vulnerability has been discovered in affected versions. Applications that use the Paved type's SetValue method with user provided input without proper...
GHSA-26F8-X7CC-WQPC Apache Kafka Connect vulnerable to Deserialization of Untrusted Data
A possible security vulnerability has been identified in Apache Kafka Connect API. This requires access to a Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config and a SASL-based security protocol, which has been possible on Kafka...
DLA-3152-1 glibc - security update
Bulletin has no description...
CVE-2022-38178
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources...
CVE-2022-38150
In Varnish Cache 7.0.0, 7.0.1, 7.0.2, and 7.1.0, it is possible to cause the Varnish Server to assert and automatically restart through forged HTTP/1 backend responses. An attack uses a crafted reason phrase of the backend response status line. This is fixed in 7.0.3 and 7.1.1...
DSA-5169-1 openssl - security update
Bulletin has no description...
GHSA-Q559-8M2M-G699 Change in port should be considered a change in origin
Impact Authorization and Cookie headers on requests are sensitive information. On making a request which responds with a redirect to a URI with a different port, if we choose to follow it, we should remove the Authorization and Cookie headers from the request, before containing. Previously, we...
MAL-2022-6354 Malicious code in superset-websocket (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 71368c8e29fe057fcc95335932ec6248b0a21541c5be1c4f54aa8fa03167a152 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
GHSA-87W9-X2C3-HRJJ Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, .jspx, .tagx, or .tld XML document containing an external entity declaration ...
GHSA-H6C8-X5R3-PM88 Apache Tomcat Unrestricted file upload vulnerability
Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file...
DLA-3001-1 libgoogle-gson-java - security update
Bulletin has no description...
CVE-2022-28739
There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including KernelFloat and Stringtof...
DSA-5131-1 openjdk-11 - security update
Bulletin has no description...
RUSTSEC-2022-0011 Miscomputation when performing AES encryption in rust-crypto
The following Rust program demonstrates some strangeness in AES encryption - if you have an immutable key slice and then operate on that slice, you get different encryption output than if you operate on a copy of that key. For these functions, we expect that extending a 16 byte key to a 32 byte k...
DSA-5073-1 expat - security update
Bulletin has no description...
CVE-2022-0359 Heap-based Buffer Overflow in vim/vim
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2...
DLA-2871-1 lxml - security update
Bulletin has no description...