OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 contained security vulnerabilities. These vulnerabilities were caused by logical errors in the Discord component’s interaction routing mechanism, which incorrectly categorize...

Movary 安全漏洞

Movary is a film review program developed by Lee Peuker personally. Versions of Movary prior to 0.71.1 contained security vulnerabilities. These vulnerabilities stemmed from the fact that the routing definitions for the user management endpoint/settings/users did not enforce the use of only...

EUVD-2026-9478

A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denial of service DoS condition. Thi...

esm.sh 代码问题漏洞

esm.sh is an open-source content distribution network developed by esm.sh. Versions of esm.sh 137 and earlier contained code vulnerabilities. These vulnerabilities stemmed from a server-side request forgeing vulnerability in the https routing mechanism of esm.sh. The service attempted to block...

PT-2026-23544

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.14 clawdbot versions prior to 2026.1.24-3 Description The software contains a webhook routing issue in the Google Chat monitor component. This allows for cross-account policy context misrouting when multiple...

CVE-2025-61099

FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaqueinfodetail function at ospfopaque.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted LS Update packet...

Pluck CMS 安全漏洞

Pluck CMS is a content management system from Plunk CMS open source. A security vulnerability exists in Pluck CMS version 4.7.20-dev, which stems from a flaw in the routing logic of the albums module that could lead to arbitrary command execution...

AZL-47868 CVE-2024-44070 affecting package frr for versions less than 9.1.1-2

An issue was discovered in FRRouting FRR through 10.1. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...

USN-6494-2 linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15 vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Lucas Leong discovered that the netfilter subsystem in the...

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes e.g. one with only an unknown transit attribute.

...

SUSE CVE-2023-41358

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c processes NLRIs if the attribute length is zero...

SUSE CVE-2006-4112

Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service application hang or "data loss," a differen...

c-toxcore 信息泄露漏洞

c-toxcore is a peer-to-peer serverless instant messenger designed to make security and privacy easier for the average user. TokTok c-toxcore suffers from an information disclosure vulnerability that stems from the fact that the Onion module in toxcore prior to version 0.2.2 does not restrict whic...

Advisory: Circumventing Authentication in ALL VPNet VPN Devices

-----------------.---------------------------------------------. /| | . | / | : : : : : : | | | :: ------ :: : :: | :: - |----- | | :: : :: . : | | :: : | | | : . |------| | : | | | ------^ : | / | . | ;----------"---------------^------ / ------'--------------------- | / / / /----' / /...