USN-6182-1: pngcheck vulnerabilities
It was discovered that pngcheck incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file,...
USN-6181-1: Ruby vulnerabilities
Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications that generate HTTP responses using cgi gem. An attacker could possibly...
#InfosecurityEurope: Security Training Needs to Nudge, Not Nag
Awareness programs should use psychology to change security culture, experts argue
CVE-2022-25883
Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data...
ZDI-23-891: (0Day) ManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity Authentication Bypass Vulnerability
This vulnerability allows physically present attackers to execute arbitrary code on affected installations of ManageEngine ADSelfService Plus. Authentication is not required to exploit this vulnerability....
USN-6143-3: Firefox regressions
USN-6143-1 fixed vulnerabilities and USN-6143-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the...
DSA-5435 trafficserver – security update
Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in information disclosure or denial of service.
DSA-5436 hsqldb1.8.0 – security update
Gregor Kopf of Secfault Security GmbH discovered that HSQLDB, a Java SQL database engine, allowed the execution of spurious scripting commands in .script and .log...
DSA-5437 hsqldb – security update
Gregor Kopf of Secfault Security GmbH discovered that HSQLDB, a Java SQL database engine, allowed the execution of spurious scripting commands in .script and .log...
DSA-5433 libx11 – security update
Gregory James Duck reported that missing input validation in various functions provided by libx11, the X11 client-side library, may result in denial of service.