24 matches found
Fedora 43 : erlang-cowlib (2026-ce0a56ca97)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ce0a56ca97 advisory. Cowlib 2.16.1. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
CVE-2026-43970
Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in ninenines cowlib allows unauthenticated remote denial of service via memory exhaustion. cow_spdy:inflate/2 in cowlib passes peer-supplied compressed bytes directly to zlib:inflate/2 with no output size bound. The SPDY...
CVE-2026-43970 Decompression Bomb in cow_spdy:inflate/2 Allows Memory Exhaustion via Crafted SPDY Frame
Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in ninenines cowlib allows unauthenticated remote denial of service via memory exhaustion. cow_spdy:inflate/2 in cowlib passes peer-supplied compressed bytes directly to zlib:inflate/2 with no output size bound. The SPDY...
EUVD-2025-43970
Malicious code in hadi-esdoger10-riris npm...
Ubuntu: Security Advisory (USN-7661-1)
The remote host is missing an update for the...
CVE-2021-43970
An arbitrary file upload vulnerability exists in albumimages.jsp in Quicklert for Digium 10.0.0 1043 via a .mp3;.jsp filename for a file that begins with audio data bytes. It allows an authenticated low privileged attacker to execute remote code on the target server within the context of...
CVE-2025-43970 vulnerabilities
Vulnerabilities for packages: cilium-fips, cilium...
CVE-2025-43970
An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes depending on the address family...
DEBIAN-CVE-2025-43970
An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes depending on the address family...
CVE-2025-43970
An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes depending on the address family...
CVE-2025-43970
GoBGP before 3.35.0 has an input length check flaw in pkg/packet/mrt/mrt.go during MRT parsing, where it fails to ensure required lengths (12 or 36 bytes depending on address family). The issue is documented in CVE-2025-43970 and is addressed by upgrading to GoBGP 3.35.0 or later. The Connected d...
CVE-2025-43970
An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes depending on the address family...
CVE-2025-43970
An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes depending on the address family...
CVE-2022-43970
A buffer overflow vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware = 4.30.18.006. A stack-based buffer overflow in the StartEPI function within the httpd binary allows an authenticated attacker with administrator privileges to execute arbitrary commands on the...
CVE-2024-43970
creationtimestamp | type | source
---|---|---
2024-09-18 03:20:07+00:00 | seen | https://t.me/cvedetector/5897...
CVE-2024-43970
CVE-2024-43970 refers to a WordPress SureCart plugin vulnerability: Reflected XSS due to improper input neutralization during web page generation, affecting SureCart versions n/a–2.29.3. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) indicates network access, low attack complexity, req...
CVE-2024-43970 WordPress SureCart plugin <= 2.29.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SureCart allows Reflected XSS. This issue affects SureCart: from n/a through 2.29.3...
CVE-2024-43970 WordPress SureCart plugin <= 2.29.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SureCart allows Reflected XSS. This issue affects SureCart: from n/a through 2.29.3...
WordPress SureCart Plugin <= 2.29.3 is vulnerable to Cross Site Scripting (XSS)
Software: SureCart; Type: Plugin; Vulnerable versions: <= 2.29.3; Fixed in: 2.29.4; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-43970; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: 031e83213ccc; Credits: Le Ngoc Anh; Required privilege...
CVE-2022-43970
creationtimestamp | type | source
---|---|---
2023-01-10 00:27:49+00:00 | seen | https://t.me/cibsecurity/56176...