907558 matches found
DLA-594-1 openssh - security update
Bulletin has no description...
DLA-567-1 mysql-5.5 - security update
Bulletin has no description...
DSA-3629-1 ntp - security update
Bulletin has no description...
DLA-507-1 nss - security update
Bulletin has no description...
DSA-3557-1 mysql-5.5 - security update
Bulletin has no description...
DSA-3549-1 chromium-browser - security update
Bulletin has no description...
CVE-2016-3191
The compilebranch function in pcrecompile.c in PCRE 8.x before 8.39 and pcre2compile.c in PCRE2 before 10.22 mishandles patterns containing an ACCEPT substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service stack-based...
DLA-435-1 tomcat6 - security update
Bulletin has no description...
DSA-3413-1 openssl - security update
Bulletin has no description...
DLA-358-1 openssl - security update
Bulletin has no description...
DLA-355-1 libxml2 - security update
Bulletin has no description...
DLA-335-1 ntp - security update
Bulletin has no description...
DSA-3351-1 chromium-browser - security update
Bulletin has no description...
DLA-284-1 apache2 - security update
Bulletin has no description...
DSA-3285-1 qemu-kvm - security update
Bulletin has no description...
DLA-219-1 icu - security update
Bulletin has no description...
DSA-3197-2 openssl - regression update
Bulletin has no description...
DSA-3170-1 linux - security update
Bulletin has no description...
DLA-88-1 ruby1.8 - security update
Bulletin has no description...
DSA-2994-1 nss - security update
Bulletin has no description...
DSA-2896-1 openssl - security update
Bulletin has no description...
DSA-2873-1 file - several
Bulletin has no description...
DSA-2666-1 xen - several
Bulletin has no description...
DSA-2579-1 apache2 - several
Bulletin has no description...
DSA-2301-2 rails - several
Bulletin has no description...
DSA-2338-1 moodle - several
Bulletin has no description...
PYSEC-2010-27
Race condition in ZEO/StorageServer.py in Zope Object Database ZODB before 3.10.0 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpect...
DSA-2120-1 postgresql-8.3 - privilege escalation
Bulletin has no description...
DSA-2053-1 linux-2.6 - several issues
Bulletin has no description...
DSA-1962-1 kvm - several vulnerabilities
Bulletin has no description...
DSA-1653-1 fai-kernels linux-2.6 user-mode-linux - several vulnerabilities
Bulletin has no description...
DSA-1494-1 linux-2.6 - privilege escalation
Bulletin has no description...
DSA-1294-1 xfree86
Bulletin has no description...
DSA-1233 kernel-source-2.6.8 - several
Bulletin has no description...
DSA-1219 texinfo
Bulletin has no description...
DSA-1212 openssh
Bulletin has no description...
DSA-1192-1 mozilla
Bulletin has no description...
DSA-919-2 curl - buffer overflow
Bulletin has no description...
DSA-668-1 postgresql - privilege escalation
Bulletin has no description...
DSA-570-1 libpng - integer overflow
Bulletin has no description...
DSA-480 linux-kernel-2.4.17+2.4.18-hppa - several vulnerabilities
Bulletin has no description...
DSA-295 pptpd - buffer overflow
Bulletin has no description...
MAL-2026-6210 Malicious code in @apexcraft/nano-key (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c46938b3634fb4de89ddf44b765e1c766c871a40fb31c54609c1b3526074e65c @apexcraft/nano-key advertises itself as a 12-byte sortable ID generator README and repository metadata are copied from yiwen-ai/xid-ts, an unrelated...
USN-8352-1 libreoffice vulnerability
Duc Anh Nguyen discovered that LibreOffice incorrectly handled mismatched encryption salt parameters in crafted OOXML documents. An attacker could use this issue to cause LibreOffice to crash, resulting in a denial of service, or possibly execute arbitrary code...
GHSA-FF5Q-CC22-FGP4 WWBN AVideo has a CORS Origin Reflection Bypass via plugin/API/router.php and allowOrigin(true) Exposes Authenticated API Responses
Summary The CORS origin validation fix in commit 986e64aad is incomplete. Two separate code paths still reflect arbitrary Origin headers with credentials allowed for all /api/ endpoints: 1 plugin/API/router.php lines 4-8 unconditionally reflect any origin before application code runs, and 2...
AZL-67061 CVE-2025-9901 affecting package libsoup 3.0.4-12
A flaw was found in libsoup’s caching mechanism, SoupCache, where the HTTP Vary header is ignored when evaluating cached responses. This header ensures that responses vary appropriately based on request headers such as language or authentication. Without this check, cached content can be...
PYSEC-2025-72 After a successful phishing attack, new versions of `num2words` were published containing malware.
The num2words project was compromised via a phishing attack and two new versions were uploaded to PyPI containing malicious code. The affected versions have been removed from PyPI, and users are advised to remove the affected versions from their environments...
BIT-PYTHON-2025-0938 URL parser allowed square brackets in domain names
The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in...
BIT-GITLAB-2025-1072 Allocation of Resources Without Limits or Throttling in GitLab
A Denial of Service DoS issue has been discovered in GitLab CE/EE affecting all versions starting from 7.14.1 prior to 17.3.7, 17.4 prior to 17.4.4, and 17.5 prior to 17.5.2. A denial of service could occur upon importing maliciously crafted content using the Fogbugz importer...
SUSE-SU-2024:3984-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-36244: net/sched: taprio: extend minimum interval restriction to entire cycle too bsc1226797. - CVE-2024-41031: mm/filemap: skip to create PMD-sized...