
31 matches found

Vulnrichment
added 2 days ago · 5 views

CVE-2026-12213 hcengineering Huly Platform User Information operations.ts getAccountInfo improper authorization

A vulnerability was found in hcengineering Huly Platform up to 0.7.0. Affected by this vulnerability is the function getAccountInfo of the file server/account/src/operations.ts of the component User Information Handler. The manipulation results in improper authorization. The attack may be launche...

5.3 CVSS · 4.8 AI score · 0.00203 EPSS
Exploits 0 · References 4
CNNVD
added 2026/04/01 12:0 a.m. · 3 views

cronmaster security vulnerability

Cronmaster is a web-based Cron task management and system monitoring tool developed by fccview’s individual developers. Versions of Cronmaster prior to 2.2.0 contained security vulnerabilities. These vulnerabilities stemmed from authentication bypasses in the middleware. When session verification...

8.3 CVSS · 5.9 AI score · 0.00443 EPSS
Exploits 0 · References 2
EUVD
added 2025/12/30 3:30 p.m. · 3 views

EUVD-2023-60438

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr. When smb1 mount fails, KASAN detects slab-out-of-bounds in init_smb2_rsp_hdr like the following one. For smb1 negotiate (56 bytes), init_smb2_rsp_hdr for smb2 is called. The issue occurs whil...

6 AI score · 0.00168 EPSS
Exploits 0 · References 5
NVD
added 2025/12/30 1:16 p.m. · 2 views

CVE-2023-54203

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr. When smb1 mount fails, KASAN detects slab-out-of-bounds in init_smb2_rsp_hdr like the following one. For smb1 negotiate (56 bytes), init_smb2_rsp_hdr for smb2 is called. The issue occurs whil...

0.00168 EPSS
Exploits 0 · References 4
UbuntuCve
added 2025/12/30 1:16 p.m. · 0 views

CVE-2023-54203

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr. When smb1 mount fails, KASAN detects slab-out-of-bounds in init_smb2_rsp_hdr like the following one. For smb1 negotiate (56 bytes), init_smb2_rsp_hdr for smb2 is called. The issue occurs whil...

5.7 AI score · 0.00168 EPSS
Exploits 0 · References 6
OSV
added 2025/12/30 1:16 p.m. · 2 views

UBUNTU-CVE-2023-54203

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr. When smb1 mount fails, KASAN detects slab-out-of-bounds in init_smb2_rsp_hdr like the following one. For smb1 negotiate (56 bytes), init_smb2_rsp_hdr for smb2 is called. The issue occurs whil...

5.7 AI score · 0.00168 EPSS
Exploits 0 · References 7
Cvelist
added 2025/12/30 12:9 p.m. · 19 views

CVE-2023-54203 ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr. When smb1 mount fails, KASAN detects slab-out-of-bounds in init_smb2_rsp_hdr like the following one. For smb1 negotiate (56 bytes), init_smb2_rsp_hdr for smb2 is called. The issue occurs whil...

0.00168 EPSS
Exploits 0 · References 4
OSV
added 2025/12/30 12:9 p.m. · 3 views

CVE-2023-54203 ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr. When smb1 mount fails, KASAN detects slab-out-of-bounds in init_smb2_rsp_hdr like the following one. For smb1 negotiate (56 bytes), init_smb2_rsp_hdr for smb2 is called. The issue occurs whil...

6.4 AI score · 0.00168 EPSS
Exploits 0 · References 7
Positive Technologies
added 2025/12/30 12:0 a.m. · 4 views

PT-2025-54032

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.21 3 Description: The Linux kernel contains a flaw within the ksmbd module, specifically in the init_smb2_rsp_hdr function. This issue manifests as a slab-out-of-bounds write when an SMB1 mount operation fails...

6.4 AI score · 0.00168 EPSS
Exploits 0 · References 6
RedHat Linux
added 2025/12/17 7:48 a.m. · 2 views

kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL

In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL. OPDESC() simply indexes into nfsd4_ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...

7.8 CVSS · 5.7 AI score · 0.0014 EPSS
Exploits 0 · References 5
EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2021-8821

Malicious code in bioql PyPI...

8.8 CVSS · 8.8 AI score · 0.00429 EPSS
Exploits 0 · References 1
EUVD
added 2025/10/03 8:7 p.m. · 15 views

EUVD-2025-21715

Malicious code in bioql PyPI...

8.7 CVSS · 6.6 AI score · 0.00325 EPSS
Exploits 0 · References 2
Positive Technologies
added 2025/07/16 12:0 a.m. · 4 views

PT-2025-29868 · Voidbot · Voidbot

Name of the Vulnerable Software and Affected Versions: VoidBot Open-Source versions 0.0.1 through 0.8.1 Description: VoidBot Open-Source is a customizable Discord bot. A flaw exists in the command handler where permission checks are not properly enforced for certain administrative commands. This...

8.7 CVSS · 6.6 AI score · 0.00325 EPSS
Exploits 0 · References 8
RedHat Linux
added 2024/03/25 8:11 p.m. · 0 views

nss: timing attack against RSA decryption

It was discovered that the numerical library used in NSS for RSA cryptography leaks information whether high order bits of the RSA decryption result are zero. This information can be used to mount a Bleichenbacher or Manger like attack against all RSA decryption operations. As the leak happens...

6.5 CVSS · 7.1 AI score · 0.00822 EPSS
Exploits 0 · References 6
OSV
added 2023/05/04 11:15 p.m. · 22 views

CVE-2023-1894

A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations...

5.3 CVSS · 6.9 AI score · 0.00437 EPSS
Exploits 0 · References 1
UbuntuCve
added 2023/05/04 11:15 p.m. · 21 views

CVE-2023-1894

A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations...

5.3 CVSS · 6.1 AI score · 0.00437 EPSS
Exploits 0 · References 5
RedhatCVE
added 2023/05/04 10:21 a.m. · 27 views

CVE-2023-1894

A Regular expression Denial of Service (ReDoS) issue was found in the Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations...

5.3 CVSS · 5.4 AI score · 0.00437 EPSS
Exploits 0 · References 4
OSV
added 2022/07/21 4:15 a.m. · 2 views

CVE-2022-34367

Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6 contain a Cross-Site Request Forgery Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to processing of unintended server operations...

8.8 CVSS · 5.8 AI score · 0.00311 EPSS
Exploits 0 · References 1
NVD
added 2022/07/21 4:15 a.m. · 17 views

CVE-2022-34367

Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6 contain a Cross-Site Request Forgery Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to processing of unintended server operations...

8.8 CVSS · 0.00311 EPSS
Exploits 0 · References 1
Prion
added 2022/07/21 4:15 a.m. · 19 views

Cross site request forgery (csrf)

Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6 contain a Cross-Site Request Forgery Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to processing of unintended server operations...

6.8 CVSS · 8.5 AI score · 0.00311 EPSS
Exploits 0 · References 1 · Affected Software 1