CERTFR-2026-ACT-020

creationtimestamp| type| source ---|---|--- 2026-05-04 15:41:45+00:00| seen| https://bsky.app/profile/infosecfr.skyfleet.blue/post/3mkzz4cqpnu2p 2026-05-04 15:42:42+00:00| seen| https://bsky.app/profile/cert-fr.bsky.social/post/3mkzz5za2nx23 2026-05-04 15:42:46+00:00| seen|...

nimiq-account (>=0.1.0 <=0.2.0), nimiq-accounts (>=0.1.0 <=0.2.0) +14 more potentially affected by CVE-2026-34067 via nimiq-transaction (>=0.1.0 <=0.2.0)

nimiq-transaction CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2026-34067 Source advisory: OSV:GHSA-264V-M8FM-76JM...

MiracleLinux 7 : samba-4.10.4-10.el7 (AXSA:2020-020:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-020:02 advisory. samba: Combination of parameters and permissions can allow user to escape from the share path definition CVE-2019-10197 samba: smb client vulnerable ...

Malicious code in papa-020-project (npm)

The package papa-020-project was found to contain malicious code...

MAL-2025-28712 Malicious code in papa-020-project (npm)

The package papa-020-project was found to contain malicious code...

CVE-2024-11148

In OpenBSD 7.4 before errata 006 and OpenBSD 7.3 before errata 020, httpd8 is vulnerable to a NULL dereference when handling a malformed fastcgi request...

CVE-2024-11148

CVE-2024-11148 affects OpenBSD 7.3 before errata 020 and OpenBSD 7.4 before errata 006, where httpd(8) is vulnerable to a NULL dereference when processing malformed FastCGI requests. The underlying issue is a null dereference in the HTTP server’s FastCGI handling path, leading to denial of servic...

OpenBSD 安全漏洞

OpenBSD is a cross-platform, BSD-based UNIX-like operating system from the Canadian OpenBSD organization. A security vulnerability exists in OpenBSD versions prior to OpenBSD 7.4 errata 006 and OpenBSD versions prior to OpenBSD 7.3 errata 020, which stems from a NULL dereference in httpd8 when...

MS09-020 IIS6 WebDAV Unicode Auth Bypass Directory Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS09-020 IIS6 WebDAV Unicode Auth Bypass Directory Scanner', 'Description' = %q This module is based on et's HTTP Directory Scanner module, with...

MS09-020 IIS6 WebDAV Unicode Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS09-020 IIS6 WebDAV Unicode Authentication Bypass', 'Description' = %q This module attempts to to bypass authentication using the WebDAV IIS6...

MS12-020 Microsoft Remote Desktop Use-After-Free Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS12-020 Microsoft Remote Desktop Use-After-Free DoS', 'Description' = %q This module exploits the MS12-020 RDP vulnerability originally discover...

Email Contact - Moderately critical - Access bypass - SA-CONTRIB-2024-020

The Email Contact module provides email field display formatters that can display the field as a link to the contact form, or as an inline contact form. The module does not sufficiently handle restricted entity or field access to the mail sending form, when the "Email contact link" formatter is...

Amazon Linux 2 : firefox (ALASFIREFOX-2024-020)

The version of firefox installed on the remote host is prior to 115.6.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2FIREFOX-2024-020 advisory. A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function...

PT-2023-9787 · Openbsd · Openbsd +1

Name of the Vulnerable Software and Affected Versions: OpenBSD versions 7.3 through 7.4 before errata 006 and 7.3 before errata 020 OpenBSD version 7.3 before errata 020 Description: The issue is related to a NULL dereference when handling a malformed fastcgi request in the httpd8 service. This c...

Amazon Linux 2 : ecs-init (ALASECS-2023-020)

The version of ecs-init installed on the remote host is prior to 1.79.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2023-020 advisory. The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams...

shop-020.de Cross Site Scripting vulnerability OBB-3610154

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Office Hours - Moderately critical - Cross Site Scripting - SA-CONTRIB-2023-020

This module enables you to define a 'weekly office hours' field type, and add a field to any Content type, in order to display the weekly opening hours for a location. The module doesn't sufficiently filter user-supplied text leading to a Cross Site Scripting XSS vulnerability. This vulnerability...

shop-020.de Cross Site Scripting vulnerability OBB-3422538

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2023-020)

The version of kernel installed on the remote host is prior to 5.15.110-70.143. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2023-020 advisory. A denial of service problem was found, due to a possible recursive locking scenario, resulting in a...

UBUNTU-CVE-2023-29323

asciiloadsockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable before 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address...