17 matches found
Important: kernel6.18
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers CVE-2026-43503 In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy...
Important: Red Hat Security Advisory: Satellite 6.18.0 new version release
A new release is now available for Red Hat Satellite 6.18 for RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
EUVD-2020-18519
Malware in sbrugna...
CVE-2020-6306
Missing authorization check in a transaction within SAP Leasing update provided in SAPAPPL 6.18, EA-APPL 6.0, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16 and 6.17...
CVE-2020-25887
CVE-2020-25887 affects Cesanta Mongoose (v6.18) with a buffer overflow in the function mg_resolve_from_hosts_file when parsing a crafted hosts file. The issue is rooted in that host-resolution path, leading to potential memory corruption. The CVSS 3.1 base score is 8.8 (HIGH) with network attack ...
PT-2023-11742 · Mongoose · Mongoose
Name of the Vulnerable Software and Affected Versions: Mongoose version 6.18 Description: The issue is a buffer overflow in the mg_resolve_from_hosts_file function when reading from a crafted hosts file. This can occur in Mongoose 6.18. Recommendations: For Mongoose version 6.18, consider updatin...
CVE-2020-25887
Buffer overflow in mg_resolve_from_hosts_file in Mongoose 6.18, when reading from a crafted hosts file...
Cesanta Mongoose Security Vulnerability
Cesanta Mongoose is a set of embedded server libraries from the Irish company Cesanta, which includes features such as TCP, HTTP client and server, and WebSocket client and server. A security vulnerability exists in Cesanta Mongoose version 6.18, which stems from a buffer overflow in...
CVE-2020-25887
Buffer overflow in mg_resolve_from_hosts_file in Mongoose 6.18, when reading from a crafted hosts file...
CVE-2020-25887
Buffer overflow in mg_resolve_from_hosts_file in Mongoose 6.18, when reading from a crafted hosts file...
DEBIAN-CVE-2020-25756
A buffer overflow vulnerability exists in the mg_get_http_header function in Cesanta Mongoose 6.18 due to a lack of bounds checking. A crafted HTTP header can exploit this bug. NOTE: a committer has stated "this will not happen in practice...
The vulnerability of the Granit-Navigator-6.18 device’s built-in software lies in the absence of a mechanism to verify the authenticity of users performing modifications to the device’s built-in software. This allows attackers to carry out modifications to the software, thereby enabling complete system compromise.
The vulnerability of the embedded software of the “Granit-Navigator-6.18” device lies in the absence of a mechanism for verifying the authenticity of users performing modifications to the embedded software. Exploiting this vulnerability allows an attacker to modify the embedded software, thereby...
The vulnerability of the built-in software of the “Granit-Navigator-6.18” device is related to the use of uncontrolled format strings, which allows an attacker to cause a service failure.
The vulnerability of the built-in software of the “Granit-Navigator-6.18” device is related to the use of uncontrolled format strings. Exploiting this vulnerability can allow an attacker to trigger a service failure by sending a specially crafted SMS command, e.g., BB+GP=vuln%x, when connecting to th...
CVE-2019-0280
CVE-2019-0280 affects SAP Treasury and Risk Management (EA-FINSERV 6.0, 6.03–6.06, 6.16–6.18, and 8.0; S4CORE 1.01–1.03). The issue is missing authorization checks on objects T_DEAL_DP and T_DEAL_PD, leading to escalation of privileges. The vulnerability is documented with HIGH impact per CVSSv3 ...
CVE-2018-2455
SAP Enterprise Financial Services (versions 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) is affected in the EAFS_BCA_BUSOPR_SEPA function by a lack of authorization checks for an authenticated user, enabling escalation of privileges. This vulnerability is documented as CVE-2018-2455 across multiple sources...
WordPress Button Plugin MaxButtons <= 6.18 - Authenticated Cross-Site Scripting (XSS)
The WordPress Button Plugin MaxButtons plugin was affected by an Authenticated Cross-Site Scripting (XSS) security vulnerability...
OpenJDK No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807)
Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...