
118 matches found

Vulnrichment
added 4 days ago, 5 views

CVE-2026-40989 Self Routing guard bypassed via function composition

Under infinite recursion in the routing layer, request-handling can cause OOM error. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16; Spring Cloud Function 4.1.x: versions prior to 4.1.10; Spring Cloud Function 4.2.x: versions prior to 4.2.6; Spring Cloud...

CVSS 5.7, AI score 5.8, EPSS 0.00017
Exploits: 0, References: 1

CNNVD
added 4 days ago, 3 views

VMware Spring Cloud Function security vulnerabilities

VMware Spring Cloud Function is a Java functional application development framework provided by the American company VMware. There is a security vulnerability in VMware Spring Cloud Function, which stems from attempting to add an unlimited number of functions to the function registry, potentially...

CVSS 5.7, AI score 5.8, EPSS 0.00017
Exploits: 0, References: 1

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2008-3809

Malware in sbrugna...

CVSS 4.3, AI score 6, EPSS 0.00802
Exploits: 2, References: 15

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2021-22011

Malware in sbrugna...

CVSS 9.8, AI score 7.6, EPSS 0.00406
Exploits: 1, References: 10

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2022-3328

Malicious code in bioql PyPI...

CVSS 5.3, AI score 5.8, EPSS 0.00762
Exploits: 0, References: 5

Tenable Nessus
added 2025/08/27 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-39922

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file...

CVSS 7.5, AI score 7, EPSS 0.04599
Exploits: 1, References: 2

Tenable Nessus
added 2025/08/08 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2023-45199

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution. CVE-2023-45199 Note that Nessus relies on the presence of...

CVSS 9.8, AI score 8.2, EPSS 0.09273
Exploits: 0, References: 2

RedhatCVE
added 2025/05/22 1:55 p.m., 6 views

CVE-2014-7981

SQL injection vulnerability in Joomla! CMS 3.1.x and 3.2.x before 3.2.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVSS 7.5, AI score 8.9, EPSS 0.14338
Exploits: 0, References: 1

NVD
added 2025/02/28 11:15 p.m., 6 views

CVE-2025-25478

The account file upload functionality in Syspass 3.2.x fails to properly handle special characters in filenames. This mismanagement leads to the disclosure of the web application's source code, exposing sensitive information such as the database password...

CVSS 6.5, EPSS 0.00077
Exploits: 1, References: 1

CNNVD
added 2025/02/28 12:0 a.m., 3 views

SysPass Cross-Site Scripting Vulnerability

SysPass is a system password manager by RubénD Individual Developers. A security vulnerability exists in SysPass 3.2.x. An attacker can exploit the vulnerability to execute arbitrary Javascript code...

CVSS 5.4, AI score 7.4, EPSS 0.00107
Exploits: 1, References: 3

UbuntuCve
added 2025/02/11 12:0 a.m., 9 views

CVE-2024-12797

Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSL_VERIFY_PEER verification mode is set. Impact summary: TLS and DTLS connections using raw public keys m...

CVSS 6.3, AI score 7, EPSS 0.00826
Exploits: 0, References: 3

NVD
added 2024/09/03 6:15 p.m., 16 views

CVE-2024-42904

A cross-site scripting (XSS) vulnerability in SysPass 3.2.x allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter at /Controllers/ClientController.php...

CVSS 6.1, EPSS 0.00196
Exploits: 0, References: 3

OSV
added 2024/09/03 6:15 p.m., 11 views

CVE-2024-42904

A cross-site scripting (XSS) vulnerability in SysPass 3.2.x allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter at /Controllers/ClientController.php...

CVSS 6.1, AI score 5.7, EPSS 0.00196
Exploits: 0, References: 3

CNNVD
added 2024/09/03 12:0 a.m., 0 views

sysPass Security Vulnerability

sysPass is a system password manager by RubénD Personal Developer. A security vulnerability exists in sysPass version 3.2.x, which stems from vulnerability to cross-site scripting attacks. An attacker can exploit the vulnerability to execute arbitrary web script or HTML by injecting a specially...

CVSS 6.1, AI score 6.1, EPSS 0.00196
Exploits: 0, References: 4

Cvelist
added 2024/09/03 12:0 a.m., 13 views

CVE-2024-42904

A cross-site scripting (XSS) vulnerability in SysPass 3.2.x allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter at /Controllers/ClientController.php...

EPSS 0.00196
Exploits: 0, References: 3

CNNVD
added 2024/02/26 12:0 a.m., 1 views

Tencent Blueking CMDB Security Vulnerability

Tencent Blueking CMDB is a configuration management database system from Tencent, China. A security vulnerability exists in Tencent Blueking CMDB versions v3.2.x through v3.9.x, which stems from /service/subscription.go contains a server-side request forgery vulnerability that allows an attacker ...

CVSS 8.1, AI score 6.8, EPSS 0.00189
Exploits: 1, References: 5

OpenVAS
added 2024/02/05 12:0 a.m., 13 views

Discourse < 3.1.4, 3.2.x < 3.2.0.beta4 Multiple Vulnerabilities

Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...

CVSS 8.6, AI score 5.1, EPSS 0.00286
Exploits: 0, References: 3

CNNVD
added 2023/10/07 12:0 a.m., 0 views

Mbed TLS Security Vulnerability

Mbed TLS is an open source, portable, easy-to-use, readable and flexible SSL library. A security vulnerability exists in Mbed TLS versions 3.2.x through 3.5 and earlier, which stems from a buffer overflow issue. An attacker can exploit this vulnerability to remotely execute code...

CVSS 9.8, AI score 7.3, EPSS 0.09273
Exploits: 0, References: 2

Tenable Nessus
added 2023/09/07 12:0 a.m., 31 views

Oracle Linux 5 : ELSA-2014-0926-1: / kernel (ELSA-2014-09261)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-09261 advisory. - The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service NULL pointer dereferen...

AI score 7.3, EPSS 0.00234
Exploits: 1, References: 3

OpenVAS
added 2023/07/05 12:0 a.m., 15 views

Django 3.2.x < 3.2.20, 4.1.x < 4.1.10, 4.2.x < 4.2.3 ReDoS Vulnerability - Windows

Django is prone to a regular expression denial of service (ReDoS) vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS 7.5, AI score 7.5, EPSS 0.08919
Exploits: 0, References: 1