golang-github-v2fly-v2ray-core-5.51.2-1.1 on GA media (moderate)

golang-github-v2fly-v2ray-core-5.51.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10913-1 Rating: moderate Cross-References: CVE-2026-27017 CVE-2026-39821 CVSS scores: CVE-2026-39821 SUSE : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2026-39821 SUSE : 9.1...

CVE-2026-27017 vulnerabilities

Vulnerabilities for packages: nuclei...

📄 MongoDB BSON Decompression OP_COMPRESSED Memory Disclosure

This Metasploit module demonstrates an educational memory leak in MongoDB BSON decompression. It sends malformed BSON in OPCOMPRESSED messages to trigger memory disclosure. Quite a huge list of versions are affected...

Azure Linux 3.0 Security Update: kernel (CVE-2024-27017)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27017 advisory. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: walk over curre...

Exploit for CVE-2025-14847

MongoBLEED---CVE-2025-14847-POC- This repo contains my python...

CVE-2023-27017

Tenda AC10 USAC10V4.0siV16.03.10.13cn was discovered to contain a stack overflow via the sub45DC58 function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...

org.apache.nifi:nifi-mongodb-processors (>=2.0.0 <=2.2.0), org.apache.nifi:nifi-mongodb-services-nar (>=1.4.0 <=2.2.0) potentially affected by CVE-2025-27017 via org.apache.nifi:nifi-mongodb-services (>=1.13.0 <=2.2.0)

org.apache.nifi:nifi-mongodb-services MAVEN version =1.13.0, =2.0.0, =1.4.0, =2.2.0 Source cves: CVE-2025-27017 Source advisory: SNYK:JAVA-ORGAPACHENIFI-9403308...

CVE-2025-27017 Apache NiFi: Potential Insertion of MongoDB Password in Provenance Record

Apache NiFi 1.13.0 through 2.2.0 includes the username and password used to authenticate with MongoDB in the NiFi provenance events that MongoDB components generate during processing. An authorized user with read access to the provenance events of those processors may see the credentials...

CVE-2025-27017

CVE-2025-27017 affects Apache NiFi releases 1.13.0 through 2.2.0, where the MongoDB authentication credentials (username/password) used by MongoDB components can be included in provenance event records. An authorized user with read access to these provenance events may view the credentials, expos...

CVE-2025-27017 Apache NiFi: Potential Insertion of MongoDB Password in Provenance Record

Apache NiFi 1.13.0 through 2.2.0 includes the username and password used to authenticate with MongoDB in the NiFi provenance events that MongoDB components generate during processing. An authorized user with read access to the provenance events of those processors may see the credentials...

CVE-2025-27017

creationtimestamp| type| source ---|---|--- 2025-03-11 15:36:59+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lk4fi23itd2k 2025-03-12 16:41:12+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7333 2025-03-12 20:22:55+00:00| seen| https://t.me/cvedetector/20146 2025-03-15...

Linux Distros Unpatched Vulnerability : CVE-2024-27017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: walk over current view on netlink dump The generation mask can be...

kernel: netfilter: nft_set_pipapo: walk over current view on netlink dump

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: walk over current view on netlink dump The Linux kernel CVE team has assigned CVE-2024-27017 to this issue. Upstream advisory:...

RHEL 9 : kernel (RHSA-2025:1658)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:1658 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Integer Overflow in...

CVE-2021-27017

Utilization of a module presented a security risk by allowing the deserialization of untrusted/user supplied data. This is resolved in the Puppet Agent 7.4.0 release...

CVE-2021-27017

Utilization of a module presented a security risk by allowing the deserialization of untrusted/user supplied data. This is resolved in the Puppet Agent 7.4.0 release...

CVE-2021-27017

Utilization of a module presented a security risk by allowing the deserialization of untrusted/user supplied data. This is resolved in the Puppet Agent 7.4.0 release...

CVE-2021-27017

CVE-2021-27017 describes a deserialization vulnerability in Puppet Agent prior to 7.4.0 caused by using a module that accepts untrusted user data. The CVSS-based impact indicates high confidentiality, integrity, and availability with network access, high attack complexity, and high privileges req...

CVE-2021-27017 Deserialization of untrusted data

Utilization of a module presented a security risk by allowing the deserialization of untrusted/user supplied data. This is resolved in the Puppet Agent 7.4.0 release...

CVE-2021-27017 Deserialization of untrusted data

Utilization of a module presented a security risk by allowing the deserialization of untrusted/user supplied data. This is resolved in the Puppet Agent 7.4.0 release...