CVE-2026-11793

A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can...

Huawei EulerOS: Security Advisory for wget (EulerOS-SA-2026-1203)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.10.1 : wget (EulerOS-SA-2026-1151)

According to the versions of the wget package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are...

EulerOS Virtualization 2.10.0 : wget (EulerOS-SA-2026-1203)

According to the versions of the wget package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are...

PT-2026-5275

Elaniin CMS 1.0 contains an authentication bypass vulnerability that allows attackers to access the dashboard by manipulating the login page with SQL injection. Attackers can bypass authentication by sending crafted email and password parameters with '=''or' payload to login.php, granting...

CVE-2025-67508 gardenctl is vulnerable to Command Injection when used with non‑POSIX shells

gardenctl is a command-line client for the Gardener which configures access to clusters and cloud provider CLI tools. When using non‑POSIX shells such as Fish and PowerShell, versions 2.11.0 and below of gardenctl allow an attacker with administrative privileges for a Gardener project to craft...

EUVD-2022-26173

Malicious code in bioql PyPI...

CVE-2025-20265

A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center FMC Software could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device. This vulnerability is due to a lack of proper handling of user input...

EulerOS 2.0 SP10 : wget (EulerOS-SA-2025-1544)

According to the versions of the wget package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these...

EulerOS 2.0 SP13 : wget (EulerOS-SA-2025-1344)

According to the versions of the wget package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these...

EulerOS 2.0 SP13 : wget (EulerOS-SA-2025-1327)

According to the versions of the wget package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these...

EulerOS 2.0 SP12 : wget (EulerOS-SA-2025-1309)

According to the versions of the wget package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these...

Huawei EulerOS: Security Advisory for wget (EulerOS-SA-2025-1309)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2024-0378 Updated wget packages fix security vulnerability

Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host. CVE-2024-10524...

Updated wget packages fix security vulnerability

Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host. CVE-2024-10524...

CVE-2024-10524

Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host...

SUSE CVE-2018-1999001

A unauthorized modification of configuration vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in User.java that allows attackers to provide crafted login credentials that cause Jenkins to move the config.xml file from the Jenkins home directory. If Jenkins is started without...

Rancher Labs Rancher 注入漏洞

Rancher Labs Rancher is a suite of open source, enterprise-grade container management platforms from US-based Rancher Labs. An injection vulnerability exists in SUSE Ranche that stems from the presence of a special element injection vulnerability that allows a remote attacker to cause a denial of...

CVE-2022-20923

A vulnerability in the IPSec VPN Server authentication functionality of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to bypass authentication controls and access the IPSec VPN network. This vulnerability is due to the improper...

Authentication flaw

OPC UA .NET Standard Stack allows a remote attacker to bypass the application authentication check via crafted fake credentials...