CVE-2026-43495 net: wwan: t7xx: validate port_count against message length in t7xx_port_enum_msg_handler

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: validate portcount against message length in t7xxportenummsghandler t7xxportenummsghandler uses the modem-supplied portcount field as a loop bound over portmsg-data without checking that the message buffer contai...

CVE-2025-68164

In JetBrains TeamCity before 2025.11 port enumeration was possible via the Perforce connection test...

CVE-2025-68164

In JetBrains TeamCity before 2025.11 port enumeration was possible via the Perforce connection test...

CVE-2025-68164

In JetBrains TeamCity before 2025.11 port enumeration was possible via the Perforce connection test...

EUVD-2025-203766

In JetBrains TeamCity before 2025.11 port enumeration was possible via the Perforce connection test...

CVE-2025-68164

In JetBrains TeamCity before 2025.11 port enumeration was possible via the Perforce connection test...

CVE-2025-68164

In JetBrains TeamCity before 2025.11 port enumeration was possible via the Perforce connection test...

CVE-2025-68164

JetBrains TeamCity is affected when running versions prior to 2025.11.0. CVE-2025-68164 allows port enumeration via the Perforce connection test. The issue is described as a low-severity, network-accessible condition (CVSS 3.1: 2.7; confidentiality impact Low; privileges required High; user inter...

PT-2025-51715

In JetBrains TeamCity before 2025.11 port enumeration was possible via the Perforce connection test...

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides features such as continuous unit testing, code quality analysis and build issue analysis reports. A security vulnerability exists in JetBrains TeamCity...

PT-2025-48960

Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.0.1, 9.4.6, 9.3.8, and 9.2.10 Splunk Cloud Platform versions prior to 10.1.2507.4, 10.0.2503.7, and 9.3.2411.116 Description A user with a role containing the change authentication high privilege capabili...

CVE-2025-60279

A server-side request forgery SSRF vulnerability in Illia Cloud illia-Builder before v4.8.5 allows authenticated users to send arbitrary requests to internal services via the API. An attacker can leverage this to enumerate open ports based on response discrepancies and interact with internal...

EUVD-2025-34888

A server-side request forgery SSRF vulnerability in Illia Cloud illia-Builder before v4.8.5 allows authenticated users to send arbitrary requests to internal services via the API. An attacker can leverage this to enumerate open ports based on response discrepancies and interact with internal...

CVE-2025-60279

Illia Cloud illia-Builder has an SSRF vulnerability (CVE-2025-60279) affecting versions before v4.8.5. The issue allows authenticated users to cause arbitrary requests to internal services via the API, enabling port enumeration based on response discrepancies and interaction with internal service...

CVE-2025-60279

A server-side request forgery SSRF vulnerability in Illia Cloud illia-Builder before v4.8.5 allows authenticated users to send arbitrary requests to internal services via the API. An attacker can leverage this to enumerate open ports based on response discrepancies and interact with internal...

CVE-2025-60279

A server-side request forgery SSRF vulnerability in Illia Cloud illia-Builder before v4.8.5 allows authenticated users to send arbitrary requests to internal services via the API. An attacker can leverage this to enumerate open ports based on response discrepancies and interact with internal...

EUVD-2021-0120

Malware in sbrugna...

EUVD-2022-41763

Malicious code in bioql PyPI...

CVE-2021-29431

Sydent is a reference Matrix identity server. Sydent can be induced to send HTTP GET requests to internal systems, due to lack of parameter validation or IP address blacklisting. It is not possible to exfiltrate data or control request headers, but it might be possible to use the attack to perfor...

Linux Distros Unpatched Vulnerability : CVE-2024-50342

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When usi...