331 matches found
EUVD-2024-1036
Malicious code in bioql PyPI...
EUVD-2024-39879
Malicious code in bioql PyPI...
EUVD-2023-58372
Malicious code in bioql PyPI...
EUVD-2022-6873
Malicious code in bioql PyPI...
EUVD-2023-1859
Malicious code in bioql PyPI...
EUVD-2023-50463
Malicious code in bioql PyPI...
EUVD-2025-4472
Malicious code in bioql PyPI...
EUVD-2023-28600
Malicious code in bioql PyPI...
CVE-2025-54884
Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the generateSecureId and getSecureRandomInt functions in security-kit versions prior to 3.5.0 packaged in Vision UI 1.4.0 and below are vulnerable to Denial of Service DoS...
CVE-2025-6712
MongoDB Server (MongoDB Server v8.0.x prior to 8.0.10) is affected by a DoS risk due to high memory usage. The issue stems from inefficient memory management in internal operations, where certain internal processes persisting longer than expected can cause memory consumption to spike, potentially...
TencentOS Server 3: python-pillow (TSSA-2022:0012)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0012 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CVE-2025-42994
SAP MDM Server ReadString function allows an attacker to send specially crafted packets which could trigger a memory read access violation in the server process that would then fail and exit unexpectedly causing high impact on availability with no impact on confidentiality and integrity of the...
CVE-2024-42385
Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if the PEM certificate contains unexpected characters...
CVE-2023-46257
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...
CVE-2023-43810
OpenTelemetry, also known as OTel for short, is a vendor-neutral open-source Observability framework for instrumenting, generating, collecting, and exporting telemetry data such as traces, metrics, logs. Autoinstrumentation out of the box adds the label httpmethod that has unbound cardinality. It...
CVE-2021-23182
Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre Server allows OSDP reader master keys to be discoverable in server memory dumps. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 MR3; All versions of 8.30...
CVE-2021-20019
A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability...
CVE-2007-5554
Oracle allows remote attackers to obtain server memory contents via crafted packets, aka Oracle reference number 7892711. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE...
Alibaba Cloud Linux 3 : 0176: samba (ALINUX3-SA-2022:0176)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0176 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2016-2124: A flaw was found in the way...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-2784: Fixed heap buffer over-read in skipinsignificantspace when sniffing content bsc1240750 CVE-2025-32050: Fixed Integer overflow in appendparamquoted bsc1240752 CVE-2025-32052: Fixed heap buffer overflow in sniffunknown bsc1240756...