USN-6613-1: Ceph vulnerability
Lucas Henry discovered that Ceph incorrectly handled specially crafted POST requests. An unprivileged user could use this to bypass Ceph's authorization checks and upload a...
USN-6612-1: TinyXML vulnerability
It was discovered that TinyXML incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted XML file,...
Multiple Vulnerabilities in Jenkins Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in Jenkins, the most severe of which could allow for remote code execution. Jenkins (Core) is an open source automation...
USN-6610-1: Firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to...
USN-6611-1: Exim vulnerability
It was discovered that Exim incorrectly handled certain requests. A remote attacker could possibly use a published exploitation technique to inject e-mail messages with a...
DSA-5610-1 redis – security update
Multiple security issues were discovered in Redis, a persistent key-value database, which could result in the execution of arbitrary code or ACL bypass. https://security-tracker.debian.org/tracker/DSA-5610-1
DSA-5609-1 slurm-wlm – security update
Several vulnerabilities were discovered in the Slurm Workload Manager, a cluster resource management and job scheduling system, which may result in privilege escalation, denial of...
Re: Buffer Overflow in graphviz via a crafted config6a file
Posted by Matthew Fernandez on Jan 27 More specifically, this issue is an out-of-bounds read. AFAICT the issue was actually introduced in Graphviz 2.36. It...
CVEs based on commit messages
Posted by Mark Esler on Jan 27 Dear Meng Rujie, In regards to your recent FD posts, are you requesting CVEs based on the presence...
Re: null pointer dereference in nano via read_the_list()
Posted by Mark Esler on Jan 27 Hi Meng, In your recent mass posts to FD, are you reporting vulnerabilities or bug reports which have...