An issue was discovered in includes/head.inc.php in rConfig before 3.9.4. An unauthenticated at…

Cloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a netwo…

there is a possible way to bypass due to a logic error in the code. This could lead to local e…

The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android pro…

Leptonica before 1.80.0 allows a denial of service (application crash) via an incorrect left sh…

A logic vulnerability when handling the SaveGeneratorLong instruction in Facebook Hermes prior …

Multiple Cisco products are affected by a vulnerability in the Snort application detection engi…

An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (inval…

An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to…

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. A…

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPa…

MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries in some situations. If o…

Turcom TRCwifiZone through 2020-08-10 allows authentication bypass by visiting manage/control.p…

Cronos is a commercial implementation of a blockchain. In Cronos nodes running versions before …

In version 6.5 Microchip MiWi software and all previous versions including legacy products, the…

In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a …

A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will i…

In version 6.5 of Microchip MiWi software and all previous versions including legacy products, …

Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions prior…

Ansible prior to 1.5.4 mishandles the evaluation of some strings.

Envoy is an open source edge and service proxy, designed for cloud-native applications. The env…

An issue was discovered in the BSON ObjectID (aka bson-objectid) package 1.3.0 for Node.js. Obj…

Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-con…

Istio is an open platform to connect, manage, and secure microservices. In Istio 1.12.0 and 1.1…

Frontier is Substrate's Ethereum compatibility layer. In affected versions the truncation done …

btcd is an alternative full node bitcoin implementation written in Go (golang). The btcd Bitcoi…

Xmidt cjwt through 1.0.1 before 2019-11-25 maps unsupported algorithms to alg=none, which somet…

An always-incorrect control flow implementation in the implicit filter terms of Juniper Network…

The evm crate is a pure Rust implementation of Ethereum Virtual Machine. In `evm` crate `< 0.31…

Styra Open Policy Agent (OPA) Gatekeeper through 3.7.0 mishandles concurrency, sometimes result…

An issue in phiola/src/afilter/conv.c:115 of phiola v2.0-rc22 allows a remote attacker to cause…

Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.1…

A logic issue was addressed with improved state management. This issue is fixed in tvOS 26, mac…

In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser() …

On F5 BIG-IP Advanced WAF, ASM, and APM 16.1.x versions prior to 16.1.2.1, 15.1.x versions prio…

Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote…

The ngtcp2 project is an effort to implement IETF QUIC protocol in C. In affected versions acks…

In updateCapabilities of ConnectivityService.java, there is a possible incorrect network state …

Hyperledger Fabric 2.3 allows attackers to cause a denial of service (orderer crash) by repeate…

An Authorization Bypass vulnerability in the Marmind web application with version 4.1.141.0 all…