7 matches found
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in the RESTClientGetter configuration. An attacker can gain unauthorized access to sensitive resources and escalate privileges by exploiting incomplete ServiceAccount impersonation, allowing them to read secrets...
Use of Incorrectly-Resolved Name or Reference
Overview srvx is an Universal Server. Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference in the FastURL function due to a pathname parsing discrepancy when handling absolute URIs with non-standard schemes in raw HTTP requests. An attacker can bypass...
CVE-2026-33732 srvx is vulnerable to middleware bypass via absolute URI in request line
srvx is a universal server based on web standards. Prior to version 0.11.13, a pathname parsing discrepancy in srvx's FastURL allows middleware bypass on the Node.js adapter when a raw HTTP request uses an absolute URI with a non-standard scheme e.g. file://. Starting in version 0.11.13, the...
srvx 安全漏洞
Srvx is a web-based general server developed by H3 Open Source. Versions of Srvx prior to 0.11.13 contained security vulnerabilities. These vulnerabilities were caused by differences in path name resolution in FastURL, which could allow middleware to bypass security measures...
SUSE CVE-2010-4523
Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to 1 card-acos5.c, 2 card-atrust-acos.c, and 3 card-starcos.c...
Stack overflow
Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to 1 card-acos5.c, 2 card-atrust-acos.c, and 3 card-starcos.c...
CVE-2010-4523
OpenSC (libopensc) is affected by CVE-2010-4523: multiple stack-based buffer overflows in OpenSC