12 matches found
CVE-2026-36906
Cross Site Scripting vulnerability in iotgateway v.3.0.1 allows a remote attacker to execute arbitrary code via the Log Record Function...
EUVD-2026-32219
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds read in DeleteIndexEntryRoot In the 'DeleteIndexEntryRoot' case of the 'doaction' function, the entry size 'esize' is retrieved from the log record without adequate bounds checking. Specifically,...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the DeleteIndexEntryRoot function in fs/ntfs3. This function fails to perform sufficient boundary...
EUVD-2026-29111
Cross Site Scripting vulnerability in iotgateway v.3.0.1 allows a remote attacker to execute arbitrary code via the Log Record Function...
CVE-2026-36906
Cross Site Scripting vulnerability in iotgateway v.3.0.1 allows a remote attacker to execute arbitrary code via the Log Record Function...
CVE-2026-36906
Cross Site Scripting vulnerability in iotgateway v.3.0.1 allows a remote attacker to execute arbitrary code via the Log Record Function...
CVE-2026-36906
Cross Site Scripting vulnerability in iotgateway v.3.0.1 allows a remote attacker to execute arbitrary code via the Log Record Function...
CVE-2026-36906
CVE-2026-36906 describes a Cross Site Scripting vulnerability in iotgateway v3.0.1 . The issue is triggered via the Log Record Function , enabling a remote attacker to potentially execute arbitrary code in the context of the affected application. Available sources consistently cite the same descr...
CVE-2026-36906
Cross Site Scripting vulnerability in iotgateway v.3.0.1 allows a remote attacker to execute arbitrary code via the Log Record Function...
PT-2026-39645
Cross Site Scripting vulnerability in iotgateway v.3.0.1 allows a remote attacker to execute arbitrary code via the Log Record Function...
Apache Log4cxx 安全漏洞
Apache Log4cxx is a C++ logging framework developed by the Apache Foundation, based on the Apache log4j framework. Versions of Apache Log4cxx prior to 1.7.0 contained security vulnerabilities. These vulnerabilities stemmed from XMLLayout not clearing characters prohibited by the XML 1.0...
CVE-2024-55628 Suricata oversized resource names utilizing DNS name compression can lead to resource starvation
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log...