Lucene search

14 matches found

OSV
added 2026/06/02 12:16 a.m. · 5 views

UBUNTU-CVE-2026-10528

A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the component DCMTK Parser. Performing a manipulation results in stack-based buffer overflow. Attacking...

CVSS 4.8 · AI score 5.8 · EPSS 0.00014
Exploits 0 · References 10

CVE
added 2026/06/02 12:0 a.m. · 19 views

CVE-2026-10528

Orthanc DICOM Server (

CVSS 4.8 · AI score 5.8 · EPSS 0.00014
Exploits 0 · References 8

Positive Technologies
added 2026/06/02 12:0 a.m. · 14 views

PT-2026-45673

A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the component DCMTK Parser. Performing a manipulation results in stack-based buffer overflow. Attacking...

CVSS 4.8 · AI score 5.8 · EPSS 0.00014
Exploits 0 · References 9

Patchstack
added 2024/02/06 12:0 a.m. · 13 views

WordPress Elementor Addon Elements Plugin <= 1.12.11 is vulnerable to Cross Site Scripting (XSS)

Software: Elementor Addon Elements · Type: Plugin · Vulnerable versions: <= 1.12.11 · Fixed in: 1.12.12 · OWASP Top 10: A7: Cross-Site Scripting (XSS) · Classification: Cross Site Scripting (XSS) · CVE: CVE-2024-0834 · Patch priority: Low · CVSS severity: Low 6.5 · Developer: WPVibes · PSID: 65cab16f462f · Credits: Webbernaut · Required...

CVSS 6.4 · AI score 5.7 · EPSS 0.00227
Exploits 0 · References 3 · Affected Software 1

OSV
added 2024/02/05 10:16 p.m. · 3 views

CVE-2024-0834

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the linkto parameter in all versions up to, and including, 1.12.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor...

CVSS 5.4 · AI score 6 · EPSS 0.00227
Exploits 0 · References 3

NVD
added 2023/09/15 12:15 a.m. · 9 views

CVE-2023-4680

HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the...

CVSS 6.8 · AI score 6.9 · EPSS 0.01475
Exploits 0 · References 1

Snyk
added 2022/05/24 8:14 p.m. · 1 views

Uncaught Exception

Overview: std/crypto/dsa is a Go standard library package. Affected versions of this package are vulnerable to Uncaught Exception. Go Vulnerability Report: via the dsa.Verify function. An attacker can cause a panic and potentially crash the application by submitting a crafted DSA...

CVSS 8.7 · AI score 9 · EPSS 0.0234
Exploits 1 · References 3

Positive Technologies
added 2022/04/05 12:0 a.m. · 2 views

PT-2022-9950 · Beego · Beego

Name of the Vulnerable Software and Affected Versions: beego versions prior to 1.12.11; beego versions through 2.0.1. Description: An issue was discovered in the route lookup process in beego that allows attackers to bypass access control. Recommendations: For versions prior to 1.12.11, update to...

CVSS 9.8 · AI score 7.1 · EPSS 0.00433
Exploits 0 · References 11

Cloud Foundry
added 2019/12/16 12:0 a.m. · 32 views

CVE-2019-17596: x509 parsing in Golang can cause panic | Cloud Foundry

Severity: High. Vendor: Cloud Foundry Foundation. Description: Various Cloud Foundry components are written in Go and are therefore vulnerable to a denial of service attack. Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public...

CVSS 7.5 · AI score 7.4 · EPSS 0.0234
Exploits 1

Tenable Nessus
added 2016/04/29 12:0 a.m. · 46 views

Wireshark 1.12.x < 1.12.11 Multiple DoS

The version of Wireshark installed on the remote Windows host is 1.12.x prior to 1.12.11. It is, therefore, affected by multiple denial of service vulnerabilities in the following components: GSM CBCH dissector, IAX2 dissector, IEEE 802.11 dissector, NCP dissector, PKTC dissector. C Tenable...

CVSS 5.9 · AI score 6.6 · EPSS 0.00884
Exploits 0 · References 8

CNVD
added 2016/04/27 12:0 a.m. · 0 views

Wireshark IEEE 802.11 Parser Denial of Service Vulnerability

Wireshark (formerly known as Ethereal) is a suite of network packet analysis software developed by the Wireshark team. A security vulnerability in the IEEE 802.11 parser in Wireshark versions 1.12.x before 1.12.11 and 2.0.x before 2.0.3 can be exploited by a remote attacker to cause a denial of...

CVSS 5.9 · AI score 7.5 · EPSS 0.00357
Exploits 0 · References 1

OSV
added 2016/04/25 10:59 a.m. · 0 views

UBUNTU-CVE-2016-4080

epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 misparses timestamp fields, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet...

CVSS 5.9 · AI score 6.6 · EPSS 0.00357
Exploits 0 · References 5

OSV
added 2016/04/25 10:59 a.m. · 0 views

UBUNTU-CVE-2016-4082

epan/dissectors/packet-gsmcbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause a denial of service (out-of-bounds access and application crash) via a crafted packet...

CVSS 5.9 · AI score 6.6 · EPSS 0.00228
Exploits 0 · References 5

OSV
added 2016/04/25 10:59 a.m. · 0 views

DEBIAN-CVE-2016-4006

epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not limit the protocol-tree depth, which allows remote attackers to cause a denial of service (stack memory consumption and application crash) via a crafted packet...

CVSS 5.9 · AI score 5.4 · EPSS 0.00197
Exploits 0 · References 1