12 matches found
EUVD-2026-31114
Allocation of Resources Without Limits or Throttling vulnerability in phenixdigital phoenix_storybook allows unauthenticated denial-of-service via BEAM atom table exhaustion. Multiple LiveView event handlers convert user-supplied event parameter strings to atoms using String.to_atom/1 without...
Allocation of Resources Without Limits or Throttling
Overview org.webjars.npm:phoenix is the official JavaScript client for the Phoenix web framework. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Elixir.Phoenix.Transports.LongPoll POST requests handling with Content-Type:...
Allocation of Resources Without Limits or Throttling
Overview phoenix is the official JavaScript client for the Phoenix web framework. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Elixir.Phoenix.Transports.LongPoll POST requests handling with Content-Type: application/x-ndjson. A...
EEF-CVE-2026-42786 WebSocket fragmented message reassembly unbounded in bandit
Summary Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated remote denial of service via memory exhaustion. The fragment reassembly path in 'Elixir.Bandit.WebSocket.Connection':handle_frame/3 in lib/bandit/websocket/connection.ex appends ever...
[SECURITY] Fedora 42 Update: rust-below-0.9.0-6.fc42
below is an interactive tool to view and record historical system data. It has support for: information regarding hardware resource utilization; viewing the cgroup hierarchy; cgroup and process information; pressure stall information (PSI); record mode to record system data; replay mode to...
Remote for Mac 2025.6 Desktop Stream Disclosure
Remote for Mac version 2025.6 suffers from an unauthenticated desktop stream disclosure vulnerability. Exploit Title: Remote for Mac 2025.6 - Unauthenticated Desktop Stream Exploit Date: 2025-05-27 Exploit Author: Chokri Hammedi Vendor Homepage: https://rs.ltd Software Link:...
Malicious code in axum-live-view (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 13a5a0a62bce34fe9622dd50cb22861f95c0e64bc3ac81d819fd4191380ce5e6 The OpenSSF Package Analysis project identified 'axum-live-view' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2024-10235 Malicious code in axum-live-view (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 13a5a0a62bce34fe9622dd50cb22861f95c0e64bc3ac81d819fd4191380ce5e6 The OpenSSF Package Analysis project identified 'axum-live-view' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
CVE-2024-29229
Missing authorization vulnerability in GetLiveViewPath webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to obtain sensitive information via unspecified vectors...
Do more with Azure Spring Apps – scale to zero and enhance productivity
In 2020, Spotify coined the term "Golden Path" to refer to a supported approach and set of components to build and deploy software. Having these paths simplifies the development process, lets developers focus on their applications instead of infrastructure and speeds time to production. Microsoft...
CVE-2020-8947
functions_netflow.php in Artica Pandora FMS 7.0 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the index.php?operation/netflow/nf_live_view ip_dst, dst_port, or src_port parameter, a different vulnerability than CVE-2019-20224...
CVE-2019-20224
netflow_get_stats in functions_netflow.php in Pandora FMS 7.0NG allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ip_src parameter in an index.php?operation/netflow/nf_live_view request. This issue has been fixed in Pandora FMS 7.0 NG 742...