CVE-2026-34520 vulnerabilities

Vulnerabilities for packages: open-webui, py3-cassandra-medusa, kserve, kubeflow-pipelines-visualization-server, checkov, dask-kubernetes, airflow...

CVE-2026-34520

creationtimestamp| type| source ---|---|--- 2026-04-04 05:16:04+00:00| published-proof-of-concept| Telegram/xPpZj4cibcCYqgi-TPIS6ijPmmH3NCtwSFt5Cz1eCFxQ...

CVE-2026-34520 vulnerabilities

Vulnerabilities for packages: authentik, checkov, datahub-ingestion-fips, dask-kubernetes, metaflow-service, authentik-fips, tritonserver-backend-vllm-cuda-13.0, keep, litellm, airflow, keep-fips, metaflow-service-fips, awx, datahub-ingestion, tritonserver-backend-vllm-cuda-12.9, request-1276,...

5mghost-rover (>=0.0.1 <=0.0.3), a-mailx (=0.1.0) +1297 more potentially affected by CVE-2026-34520 via aiohttp (>=3.0.0b0 <=3.13.3)

aiohttp PYPI version =3.0.0b0, =0.0.1, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.6.0, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =72.0.0 and more Source cves: CVE-2026-34520 Source advisory: SNYK:PYTHON-AIOHTTP-15873704...

UBUNTU-CVE-2026-34520

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, the C parser the default for most installs accepted null bytes and control characters in response headers. This issue has been patched in version 3.13.4...

CVE-2025-34520

creationtimestamp| type| source ---|---|--- 2025-08-28 15:21:52+00:00| seen| Telegram/s7Iu9fS-Whi-uZZkiAJ1F8204U8xAyiylQQUTKKuDgURnxs...

MAL-2025-34520 Malicious code in tango-ugli-foxtrot-eblpx (npm)

The package tango-ugli-foxtrot-eblpx was found to contain malicious code...

CVE-2024-34520

creationtimestamp| type| source ---|---|--- 2025-02-12 23:15:28+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhzciyzje52i 2025-02-13 01:10:22+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/4195 2025-02-13 02:25:13+00:00| seen|...

CVE-2024-34520

An authorization bypass vulnerability exists in the Mavenir SCE Application Provisioning Portal, version PORTAL-LBS-R10240, which allows an authenticated 'guest' user to perform unauthorized administrative actions, such as accessing the 'add user' feature, by bypassing client-side access controls...

CVE-2024-34520

An authorization bypass vulnerability exists in the Mavenir SCE Application Provisioning Portal, version PORTAL-LBS-R10240, which allows an authenticated 'guest' user to perform unauthorized administrative actions, such as accessing the 'add user' feature, by bypassing client-side access controls...

CVE-2022-34520

creationtimestamp| type| source ---|---|--- 2022-07-22 18:19:32+00:00| seen| https://t.me/cibsecurity/46804...

CVE-2022-34520

Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function rbinfilextrloadbuffer at bin/bfile.c. This vulnerability allows attackers to cause a Denial of Service DOS via a crafted binary file...

CVE-2022-34520

CVE-2022-34520 affects Radare2 v5.7.2. A NULL pointer dereference in r_bin_file_xtr_load_buffer (bin/bfile.c) may allow a crafted binary to cause Denial of Service. The available sources (NVD, OSV, CNVD, Debian security tracker, Alpine Linux, etc.) corroborate the NULL dereference issue but do no...

CVE-2022-34520

Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function rbinfilextrloadbuffer at bin/bfile.c. This vulnerability allows attackers to cause a Denial of Service DOS via a crafted binary file...

CVE-2021-34520

Microsoft SharePoint Server Remote Code Execution Vulnerability...

CVE-2021-34520 Microsoft SharePoint Server Remote Code Execution Vulnerability

...

CVE-2021-34520

CVE-2021-34520 concerns a Microsoft SharePoint Server Remote Code Execution vulnerability. The related connected document KB5001975 confirms a security update for SharePoint Server 2019 (16.0.10376.20001) that addresses this vulnerability. The CVE is described with high severity in accompanying m...

Security Updates for Microsoft SharePoint Server 2019 (July 2021)

The Microsoft SharePoint Server 2019 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Microsoft SharePoint Server Remote Code Execution Vulnerability CVE-2021-34467, CVE-2021-34468, CVE-2021-34520 - Microsoft SharePoint Server...

Security Updates for Microsoft SharePoint Server 2013 (July 2021)

The Microsoft SharePoint Server 2013 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Microsoft SharePoint Server Remote Code Execution Vulnerability CVE-2021-34467, CVE-2021-34468, CVE-2021-34520 - Microsoft SharePoint Server...

KLA12220 Multiple vulnerabilities in Microsoft Office

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution...