4 matches found
EUVD-2026-21537
Chamilo LMS is a learning management system. Prior to .0.0-RC.3, the PlatformConfigurationController::decodeSettingArray method uses PHP's eval to parse platform settings from the database. An attacker with admin access obtainable via Advisory 1 can inject arbitrary PHP code into the settings,...
EUVD-2026-10306
A vulnerability has been found in Tenda FH1202 1.2.0.14408. This affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to...
PT-2024-16416 · Knightliao · Disconf
Name of the Vulnerable Software and Affected Versions: knightliao Disconf version 2.6.36
Description: A critical issue has been found, affecting an unknown part of the file /api/config/list of the component Configuration Center. This leads to improper authentication and can be initiated remotely...
SUSE SLES12 Security Update : openssh (SUSE-SU-2017:0607-3)
This update for openssh fixes the following issues:
- CVE-2016-8858: prevent resource depletion during key exchange bsc1005480
- CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation bsc1016366
- CVE-2016-10011: Prevent possible leaks of host private keys to...