📦 Leap

This vulnerability in Sudo allows local users to escalate privileges to root by exploiting the --chroot option to load a malicious /etc/nsswitch.conf file from a user-controlled directory. It affects ...

This CVE describes memory safety bugs in Firefox and Thunderbird that could lead to memory corruption. With sufficient effort, attackers could exploit these vulnerabilities to execute arbitrary code o...

This SQL injection vulnerability in phpMyAdmin's search feature allows attackers to inject malicious SQL queries. It affects all phpMyAdmin installations before version 4.9.6 and 5.x before 5.0.3. Att...

This vulnerability in Ruby's CGI::Cookie.parse function mishandles security prefixes in cookie names, allowing attackers to bypass cookie security mechanisms. It affects Ruby versions through 2.6.8 an...

CVE-2021-41817 is a regular expression denial of service (ReDoS) vulnerability in Ruby's date gem. Attackers can cause denial of service by sending specially crafted long strings to Date.parse methods...

CVE-2020-1472 (Zerologon) is a critical authentication bypass vulnerability in Microsoft's Netlogon protocol that allows unauthenticated attackers to gain domain administrator privileges. It affects W...