43 matches found
Allocation of Resources Without Limits or Throttling
Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. An attacker can exhaust system resources by sending specially crafted requests over the network, resulting in service unavailability for legitimate users. Remediation: Upgrade...
Allocation of Resources Without Limits or Throttling
Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. An attacker can exhaust system resources by sending specially crafted requests over the network, resulting in service unavailability for legitimate users. Remediation: Upgrade...
Allocation of Resources Without Limits or Throttling
Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Optimizer component. An attacker can cause the server to hang or crash repeatedly by sending crafted requests over the network. Remediation: Upgrade libmysqlclient to version...
Allocation of Resources Without Limits or Throttling
Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the InnoDB component. An attacker can cause the server to hang or crash repeatedly by sending specially crafted requests over the network. Remediation: Upgrade libmysqlclient to...
CVE-2026-26102
Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request...
CVE-2026-26101
Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request...
CVE-2026-26100
CVE-2026-26100 concerns Owl opds, version 2.2.0.4, where incorrect permission assignment of a critical resource enables file manipulation via a crafted network request. The CVE entry documents a MEDIUM-severity issue with CVSS 4.0, scoped as local access, low attack complexity, and no user intera...
CVE-2026-26096 Incorrect Permission Assignment for Critical Resource in Owl opds
Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request...
CVE-2026-26095
Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request...
PT-2026-21267
Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request...
SAP BusinessObjects BI Platform Security Vulnerability
SAP BusinessObjects BI Platform is a centralized suite provided by the German company SAP for data reporting, visualization, and sharing. There is a security vulnerability in the SAP BusinessObjects BI Platform that an attacker can exploit with a specially crafted network request to compromise authentication...
CVE-2025-64155
An improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4, FortiSIEM 7.1.0 through 7.1.8, FortiSIEM 7.0.0 through 7.0.4, FortiSIEM 6.7.0 through 6.7.10 may allow an attacker to execute...
CVE-2025-64155
An improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4, FortiSIEM 7.1.0 through 7.1.8, FortiSIEM 7.0.0 through 7.0.4, FortiSIEM 6.7.0 through 6.7.10 may allow an attacker to execute...
Fortinet FortiSIEM Security Vulnerability
Fortinet FortiSIEM is a security information and event management (SIEM) system from the American company Fortinet. The system includes features such as asset discovery, workflow automation and unified management. Fortinet FortiSIEM versions 7.4.0, 7.3.0 through 7.3.4, 7.1.0 through 7.1.8...
CVE-2023-50239
Two stack-based buffer overflow vulnerabilities exist in the boa setRadvdInterfaceParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger these...
EUVD-2023-41436
Malicious code in bioql PyPI...
CVE-2025-24322
CVE-2025-24322 affects Tenda AC6 V5.0 V02.03.01.110 where the Initial Setup Authentication has an unsafe default configuration. A specially crafted network request can lead to arbitrary code execution, and an attacker can trigger this by browsing to the device. Connected sources (Talos blog, Red ...
Denial of Service (DoS)
Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) via the Optimizer component. An attacker can cause the server to hang or crash repeatedly by sending specially crafted requests over the network. Details: Denial of Service (DoS) describes a family of attacks, all aim...
Denial of Service (DoS)
Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) via the Optimizer component. An attacker can cause the server to hang or crash repeatedly by sending specially crafted requests over the network. Details: Denial of Service (DoS) describes a family of attacks, all aim...
CVE-2023-26925
An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-882 1.30. A specially crafted network request can lead to the disclosure of sensitive information...