907866 matches found
DSA-2695-1 chromium-browser - several
Bulletin has no description...
DSA-2669-1 linux - several
Bulletin has no description...
DSA-2464-2 icedove - regression
Bulletin has no description...
DSA-2454-2 openssl - incomplete fix
Bulletin has no description...
DSA-2131-1 exim4 - remote code execution
Bulletin has no description...
DSA-2124-1 xulrunner - several vulnerabilities
Bulletin has no description...
DSA-1988-1 qt4-x11 - several vulnerabilities
Bulletin has no description...
DSA-1830-1 icedove - several vulnerabilities
Bulletin has no description...
DSA-1568-1 b2evolution - cross site scripting
Bulletin has no description...
DSA-1564-1 wordpress - several vulnerabilities
Bulletin has no description...
DSA-1503-1 kernelimage-2.4.27 - several issues
Bulletin has no description...
DSA-1406-1 horde3 - several vulnerabilities
Bulletin has no description...
DSA-1358-1 asterisk
Bulletin has no description...
DSA-1112 mysql-dfsg-4.1 - several vulnerabilities
Bulletin has no description...
DSA-1018-1 kernel-source-2.4.27 - several
Bulletin has no description...
MAL-2025-46977 Malicious code in is-arrayish (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fb234972f25697d7cb6b5fee49c919d030c6f82ca0fa9068cc69f3bed952d540 Any computer that has this package installed or running should be considered fully compromised. All...
MAL-2025-7121 Malicious code in @bmw-ds/components (npm)
The package @bmw-ds/components was found to contain malicious code...
MAL-2025-6361 Malicious code in exceljs-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 542e79c60c18aa779332620c884952b318f885c798a0ac8c2d3bf87bfad26950 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
ASB-A-391895923
In multiple functions of DexUseManagerLocal.java, there is a possible way to crash system server due to a logic error in the code. This could lead to local permanent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
ASB-A-301470262
In multiple functions of NdkMediaCodec.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
BELL-CVE-2025-32728
Bulletin has no description...
PYSEC-2025-7 Posts scraped data to IP address associated with other malware distribution attacks.
Published in 2021, the imblog package is a Python library that scrapes data from a blog page to an IP address associated with other malware distribution attacks...
BELL-CVE-2025-26465
Bulletin has no description...
ASB-A-316578327
In onClick of MainClear.java, there is a possible way to trigger factory reset without explicit user consent due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
GO-2024-3327 SiYuan has an arbitrary file read via /api/template/render in github.com/siyuan-note/siyuan/kernel
SiYuan has an arbitrary file read via /api/template/render in github.com/siyuan-note/siyuan/kernel...
ALSA-2024:10952 Moderate: php:7.4 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing error check and insufficient random bytes in...
CVE-2024-51127
An issue in the createTempFile method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information...
RHSA-2023:3914 Red Hat Security Advisory: Red Hat OpenShift Enterprise security update
Bulletin has no description...
RLSA-2024:5814 Moderate: nodejs:20 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: node-tar: denial of service while parsing a tar file due to lack of folders depth validation CVE-2024-28863 nodejs: Bypass network import...
RHSA-2013:0770 Red Hat Security Advisory: java-1.6.0-openjdk security update
Bulletin has no description...
RHSA-2019:3299 Red Hat Security Advisory: rh-php72-php security update
Bulletin has no description...
RHSA-2017:1161 Red Hat Security Advisory: httpd24-httpd security, bug fix, and enhancement update
Bulletin has no description...
RHEA-2013:1032 Red Hat Enhancement Advisory: Red Hat OpenShift Enterprise 1.2 Node Release Advisory
Bulletin has no description...
CVE-2024-45490
An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer...
GO-2024-3076 Trufflehog vulnerable to Blind SSRF in some Detectors in github.com/trufflesecurity/trufflehog
Trufflehog vulnerable to Blind SSRF in some Detectors in github.com/trufflesecurity/trufflehog...
GO-2022-1248 usememos/memos vulnerable to Improper Authorization in github.com/usememos/memos
usememos/memos vulnerable to Improper Authorization in github.com/usememos/memos...
GO-2022-0480 Node DOS by way of memory exhaustion through ExecSync request in CRI-O in github.com/cri-o/cri-o
Node DOS by way of memory exhaustion through ExecSync request in CRI-O in github.com/cri-o/cri-o...
GO-2023-1871 SpiceDB's LookupResources may return partial results in github.com/authzed/spicedb
SpiceDB's LookupResources may return partial results in github.com/authzed/spicedb...
DSA-5742-1 odoo - security update
Bulletin has no description...
DSA-5729-1 apache2 - security update
Bulletin has no description...
GHSA-HH2W-P6RV-4G7W Microsoft Security Advisory CVE-2024-30105 | .NET Denial of Service Vulnerability
Microsoft Security Advisory CVE-2024-30105 | .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0. This advisory also provides guidance on what developers can do to update their applications t...
BIT-APACHE-2024-38472
SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.60 which fixes this issue. Note: Existing configurations that access UNC paths will have to configure new...
BIT-APACHE-2024-38473 Apache HTTP Server proxy encoding problem
Encoding problem in modproxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests. Users are recommended to upgrade to version 2.4.60, which fixes this issue...
MAL-2024-3288 Malicious code in updated-tricks-roblox-robux-generator-2023-de-asw3er2 (npm)
--- -= Per source details. Do not edit below this line.=-...
OPENSUSE-SU-2024:10290-1 apache2-mod_php7-7.0.14-1.4 on GA media
These are all security issues fixed in the apache2-modphp7-7.0.14-1.4 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:11167-1 php7-7.4.24-1.1 on GA media
These are all security issues fixed in the php7-7.4.24-1.1 package on the GA media of openSUSE Tumbleweed...
GO-2024-2798 Mattermost fails to limit the number of active sessions in github.com/mattermost/mattermost-server
Mattermost fails to limit the number of active sessions in github.com/mattermost/mattermost-server...
GHSA-CJCC-P67M-7QXM Unsafe Reflection in base Component class in yiisoft/yii2
Yii2 supports attaching Behaviors to Components by setting properties having the format 'as '. Internally this is done using the set magic method. If the value passed to this method is not an instance of the Behavior class, a new object is instantiated using Yii::createObject$value. However, ther...
DLA-3818-1 apache2 - security update
Bulletin has no description...
ALSA-2024:3339 Important: glibc security update
The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc: Ou...