CVE-2026-47911 Acrobat Reader | Out-of-bounds Write (CWE-787)

Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Astra Linux - уязвимость в curl

There is a vulnerability in curl version 7.87.0 where it is possible to exploit the memory reclamation mechanism. In this vulnerability, curl can be instructed to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When curl...

Linux Distros Unpatched Vulnerability : CVE-2020-13672

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site Scripting XSS vulnerability in Drupal core's sanitization API fails to properly filter cross- site scripting under certain circumstances. This issue...

CVE-2025-40570

The CVE-2025-40570 issue affects multiple SIPROTEC 5 devices (e.g., 6MD84/85/86/89, 6MU85, 7KE85, 7SA82/86/87, 7SD82/86/87, 7SJ81/82/85/86, 7SK82/85, 7SL82/86/87, 7SS85, 7ST85/86, 7SX82/85, 7SY82, 7UM85, 7UT82/85/86/87, 7VE85, 7VK87, 7VU85, and Compact 7SX800) where the bandwidth limit on the loc...

CVE-2023-28766

A vulnerability has been identified in SIPROTEC 5 6MD85 CP300 All versions = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 V9.40, SIP...

curl 安全漏洞

curl is a tool for transferring data from or to a server. A security vulnerability exists in curl versions prior to v7.88.0 that stems from the presence of an unrestricted or throttled resource allocation vulnerability...

PT-2023-6817

Name of the Vulnerable Software and Affected Versions curl versions prior to 7.88.0 Description A flaw in the "chained" HTTP compression algorithms in curl allows a malicious server to insert a virtually unlimited number of compression steps by using many headers, potentially resulting in a denia...

SAP NetWeaver 和 ABAP Platform 安全漏洞

SAP NetWeaver and SAP ABAP Platform are both products of SAP, a service-oriented, integrated application platform. SAP NetWeaver is an integrated service-oriented application platform that provides a development and runtime environment for SAP applications.SAP ABAP Platform is an ABAP-based SAP...

curl 安全漏洞

curl is a tool for transferring data from or to a server. A security vulnerability exists in curl versions 7.82.0 through 7.83.0, which stems from the fact that curl's HSTS checks can be bypassed, allowing it to continue using the HTTP protocol...

UBUNTU-CVE-2020-13672

Cross-site Scripting XSS vulnerability in Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances. This issue affects: Drupal Core 9.1.x versions prior to 9.1.7; 9.0.x versions prior to 9.0.12; 8.9.x versions prior to 8.9.14; 7.x versions prior to...

AZL-6368 CVE-2021-22945 affecting package curl for versions less than 7.82.0-1

When sending data to an MQTT server, libcurl = 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again...

PT-2021-20261 · Sap · Sap Web Dispatcher +1

Name of the Vulnerable Software and Affected Versions: SAP Web Dispatcher and Internet Communication Manager ICM versions 7.21 through 7.83 Description: The issue arises from the incorrect handling of invalid HTTP headers, specifically the Transfer-Encoding header, which can lead to an HTTP Reque...

Vulnerability fixed in Drupal

A vulnerability has been fixed in Drupal. An unauthenticated remote malicious party could exploit the vulnerability to execute a Cross-Site Scripting XSS attack. Such an attack can result in the execution of arbitrary script code in the browser used to visit the application. For this vulnerabilit...