EUVD-2020-27006
Malware in sbrugna...
CVE-2017-1000466
Invoice Ninja version 3.8.1 is vulnerable to stored cross-site scripting vulnerability, within the invoice creation page, which can result in disruption of service and execution of javascript code...
CVE-2017-1000465
Sulu-standard version 1.6.6 is vulnerable to stored cross-site scripting vulnerability, within the page creation page, which can result in disruption of service and execution of javascript code...
Low: cuda-nsight-compute-12-8
Issue Overview: NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. CVE-2024-53870...
CVE-2020-1819
There are multiple out-of-bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may perform an out-of-bounds read when it processes an incoming data packet. Successful exploit of these vulnerabilities...
CVE-2024-10455
Reachable Assertion in BPv7 parser in µD3TN v0.14.0 allows attacker to disrupt service via malformed Extension Block...
CVE-2024-3761
In lunary-ai/lunary version 1.2.2, the DELETE endpoint located at packages/backend/src/api/v1/datasets is vulnerable to unauthorized dataset deletion due to missing authorization and authentication mechanisms. This vulnerability allows any user, even those without a valid token, to delete a datas...
The vulnerability of the IBM DB2 database management system, which arises due to insufficient validation of input data, allows a hacker to trigger a service failure.
The vulnerability of the IBM DB2 database management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions through a specially crafted request...
BIT-2021-2011
Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client...
F5 Networks BIG-IP : TMM vulnerability (K20622530)
The version of F5 Networks BIG-IP installed on the remote host is prior to 11.6.5.3 / 12.1.5.3 / 13.1.3.4 / 14.1.2.8 / 15.1.0.5 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K20622530 advisory. - In BIG-IP 15.0.0-15.1.0.4, 14.1.0-14.1.2.7, 13.1.0-13.1.3.3,...
F5 Networks BIG-IP : BIG-IP engineering hotfix TMM vulnerability (K53590702)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K53590702 advisory. - Undisclosed traffic patterns received may cause a disruption of service to the Traffic Management Microkernel (TMM). Th...
K43314223: libxml2 vulnerability CVE-2016-1835
Security Advisory Description Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document. CVE-2016-1835 Impact Allows an attacke...
K14338030: libxml2 vulnerability CVE-2016-1762
Security Advisory Description The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. CVE-2016-1762 Impact Allows an attacker unauthorized disclosure of information, unauthorized modification, an...
K17118: Linux kernel vulnerability CVE-2015-2042
Security Advisory Description net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry. CVE-2015-204...
K55225440: BIG-IP SOCKS proxy vulnerability CVE-2017-6148
Security Advisory Description Responses to SOCKS proxy requests made through the BIG-IP system may cause a disruption of service provided by the Traffic Management Microkernel (TMM). The data plane is impacted and exposed only when a SOCKS proxy profile is attached to a virtual server. The control...
K14632915: TMM vulnerability CVE-2019-6603
Security Advisory Description Malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs. CVE-2019-6603 Impact This vulnerability...
K51201255: Linux kernel vulnerability CVE-2016-7117
Security Advisory Description Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing. CVE-2016-7117 Impact...
K51351360: Websocket profile vulnerability CVE-2016-9253
Security Advisory Description In F5 BIG-IP 12.1.0 through 12.1.2, specific websocket traffic patterns may cause a disruption of service for virtual servers configured to use the websocket profile. CVE-2016-9253 Note : Virtual servers configured to use the HTTP profile and no websocket profile tha...
K22541983: BIG-IP virtual servers with Client SSL and HTTP/2 or SPDY configured vulnerability CVE-2017-6163
Security Advisory Description In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a...