41 matches found
CVE-2026-40561
Starlet versions through 0.31 for Perl allow HTTP Request Smuggling via Improper Header Precedence. Starlet incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 section 3.3.3, Transfer-Encoding must take precedence. An...
Aiven Operator Security Vulnerability
Aiven Operator is an open-source Kubernetes cluster management service developed by Aiven. Versions of Aiven Operator from 0.31.0 to 0.37.0 contained a security vulnerability. This vulnerability stemmed from the operator trusting the namespace values provided by users without verification. As a...
CVE-2026-34563
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when handling backup uploads and processing backup metadata. An...
Fedora: Security Advisory (FEDORA-2026-63f333201f)
The remote host is missing an update for the...
UBUNTU-CVE-2025-67858
An Improper Neutralization of Argument Delimiters vulnerability in Foomuuri can lead to integrity loss of the firewall configuration or further unspecified impact by manipulating the JSON configuration passed to nft. This issue affects Foomuuri: from ? before 0.31...
CVE-2025-67858 A crafted "interface" input parameter can lead to integrity loss of the firewall configuration
An Improper Neutralization of Argument Delimiters vulnerability in Foomuuri can lead to integrity loss of the firewall configuration or further unspecified impact by manipulating the JSON configuration passed to nft. This issue affects Foomuuri: from ? before 0.31...
CVE-2025-67603
An Improper Authorization vulnerability in Foomuuri allows arbitrary users to influence the firewall configuration. This issue affects Foomuuri: from ? before 0.31...
UBUNTU-CVE-2025-67603
An Improper Authorization vulnerability in Foomuuri allows arbitrary users to influence the firewall configuration. This issue affects Foomuuri: from ? before 0.31...
CVE-2025-67603 Lack of client authorization allows arbitrary users to influence the firewall configuration
An Improper Authorization vulnerability in Foomuuri allows arbitrary users to influence the firewall configuration. This issue affects Foomuuri: from ? before 0.31...
CVE-2025-67603
CVE-2025-67603 affects Foomuuri prior to 0.31. An improper Authorization flaw allows arbitrary users to influence firewall configuration via D-Bus methods due to missing PolicyKit authorization and insufficient input validation. Upstream fixes are in v0.31, addressing CVE-2025-67603 and CVE-2025-...
Foomuuri Parameter Injection Vulnerability
Foomuuri is an open source firewall configuration generation and management tool from Foobar Oy. A parameter injection vulnerability exists in versions of Foomuuri prior to 0.31, which stems from improper JSON configuration neutralization and could lead to compromised firewall configuration...
Foomuuri Authorization Issue Vulnerability
Foomuuri is an open source firewall configuration generation and management tool from Foobar Oy. A vulnerability in authorization issues exists in versions of Foomuuri prior to 0.31, which stems from improper authorization and could lead to tampering with firewall configurations...
PT-2026-1886
Name of the Vulnerable Software and Affected Versions: Foomuuri versions prior to 0.27-2+deb13u1; Foomuuri versions prior to 0.31. Description: An Improper Neutralization of Argument Delimiters issue exists in Foomuuri, potentially leading to integrity loss of the firewall configuration or other...
PT-2026-1882
Name of the Vulnerable Software and Affected Versions: Foomuuri versions prior to 0.31; Foomuuri version 0.27-2+deb13u1. Description: An improper authorization issue in Foomuuri allows unauthorized users to modify the firewall configuration. This could lead to tampering of the firewall configuration...
EUVD-2008-2569
Malware in sbrugna...
CVE-2021-43353
The Crisp Live Chat WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation via the crisppluginsettingspage function found in the /crisp.php file, which made it possible for attackers to inject arbitrary web scripts in versions up to, and including 0.31...
Fedora: Security Advisory for perl-Spreadsheet-ParseXLSX (FEDORA-2024-fa14bfd3b5)
The remote host is missing an update for the...
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: ipfs, falco, buildkitd, prometheus-blackbox-exporter, spark-operator, src, up, terraform-provider-sendgrid, kubeflow, kubescape, aactl, scorecard, kubevela, cortex, k3d, slsa-verifier, dgraph...