33 matches found
EUVD-2020-9096
Malware in sbrugna...
aella-gateway-admin (>=1.0.5 <=1.0.9), angus-router (>=0.1.0 <=0.1.4) +5 more potentially affected by CVE-2025-9096 via express-gateway (=1.16.11)
express-gateway NPM version =1.16.11 is affected by a known vulnerability. The following packages have a transitive dependency on express-gateway and may be impacted: - aella-gateway-admin =1.0.5, =0.1.0, =1.0.0, =0.0.1, =0.0.5, =0.0.6 - factoria.rae.identity =1.0.0 - wawole-gateway =1.0.0 Source...
CVE-2024-9096
In lunary-ai/lunary version 1.4.28, the /checklists/:id route allows low-privilege users to modify checklists by sending a PATCH request. The route lacks proper access control, such as middleware to ensure that only authorized users (e.g., project owners or admins) can modify checklist data. This...
CVE-2024-9096 Improper Authorization in lunary-ai/lunary
In lunary-ai/lunary version 1.4.28, the /checklists/:id route allows low-privilege users to modify checklists by sending a PATCH request. The route lacks proper access control, such as middleware to ensure that only authorized users (e.g., project owners or admins) can modify checklist data. This...
Linux Distros Unpatched Vulnerability : CVE-2015-9096
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences...
Security Bulletin: IBM Daeja ViewONE Virtual 5.0.14 iFix 5 addresses CVE-2017-9096
Summary IBM Daeja ViewONE Virtual 5.0.14 iFix 5 released on October 3, 2024 addresses the vulnerable library iText reported under CVE-2017-9096 by removing it. Vulnerability Details CVEID:CVE-2017-9096 DESCRIPTION: iText PDF Library could allow a remote authenticated attacker to obtain sensitive...
Moxa MB3xxx Series Protocol Gateways Weak Password Requirements (CVE-2019-9096)
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. Insufficient password requirements for the MGate web application may allow an attacker to gain access by brute-forcing accoun...
SUSE CVE-2015-9096
Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring...
Mageia: Security Advisory (MGASA-2017-0290)
The remote host is missing an update for the...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2021-2445)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP2 : ruby (EulerOS-SA-2021-2445)
According to the version of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2021-1845)
The remote host is missing an update for the Huawei EulerOS...
SUSE: Security Advisory (SUSE-SU-2020:1570-1)
The remote host is missing an update for the...
Oracle Primavera Unifier (Oct 2020 CPU)
The 16.1-16.2, 17.7-17.12, 18.8, and 19.12 versions of Primavera Unifier installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2020 CPU advisory. - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering component: Platfor...
CVE-2020-9096
HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.160C00E160R2P8 have an out-of-bounds read vulnerability. Some functions lack verification when they process some messages sent from another module. Attackers can exploit this vulnerability by sending a malicious message to cause...
CVE-2020-9096
Summary: CVE-2020-9096 affects Huawei P30 Pro smartphones with versions earlier than 10.1.0.160 (C00E160R2P8). The root cause is an out-of-bounds read caused by functions that do not verify messages from other modules. The vulnerability can be exploited by sending a malicious message, potentially...
Security Advisory - Out Of Bound Read Vulnerability in Huawei Smartphone
There is an out-of-bounds read vulnerability in Huawei smartphones. Some functions lack verification when they process some messages sent from another module. Attackers can exploit this vulnerability by sending a malicious message to cause an out-of-bounds read. This can compromise normal service...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1195)
The remote host is missing an update for the Huawei EulerOS...
CVE-2019-9096
CVE-2019-9096 affects Moxa MGate MB3170/MB3270 (firmware <=4.0), MB3180 (<=2.0), MB3280/MB3480 (<=3.0), MB3660 (
[SECURITY] [DLA 1421-1] ruby2.1 security update
Package : ruby2.1 Version : 2.1.5-2+deb8u4 CVE ID : CVE-2015-9096 CVE-2016-2339 CVE-2016-7798 CVE-2017-0898 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902 CVE-2017-0903 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2017-17790 CVE-2018-6914 CVE-2018-8777...