1855 matches found
EUVD-2026-9943
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...
RockyLinux 10 : thunderbird (RLSA-2026:3517)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3517 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bu...
CVE-2026-27778
The CVE-2026-27778 entry concerns the WebSocket API. The root cause is no rate limiting on authentication attempts, allowing potential denial-of-service by disrupting legitimate charger telemetry and enabling brute-force access attempts. The available documents consistently describe the issue but...
CVE-2026-27778 ePower epower.ie Improper Restriction of Excessive Authentication Attempts
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...
CVE-2026-27778 ePower epower.ie Improper Restriction of Excessive Authentication Attempts
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...
SUSE-SU-2026:0812-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.8.0 ESR MFSA 2026-15 bsc1258568: - CVE-2026-2757: Incorrect boundary conditions in the WebRTC: Audio/Video component - CVE-2026-2758: Use-after-free in the JavaScript: GC component -...
AlmaLinux 8 : firefox (ALSA-2026:3338)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:3338 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bugs...
EUVD-2025-208266
Apache ActiveMQ does not properly validate the remaining length field which may lead to an overflow during the decoding of malformed packets. When this integer overflow occurs, ActiveMQ may incorrectly compute the total Remaining Length and subsequently misinterpret the payload as multiple MQTT...
GHSA-C825-6PH3-4H84 Apache ActiveMQ is Vulnerable to Integer Overflow or Wraparound
Apache ActiveMQ does not properly validate the remaining length field which may lead to an overflow during the decoding of malformed packets. When this integer overflow occurs, ActiveMQ may incorrectly compute the total Remaining Length and subsequently misinterpret the payload as multiple MQTT...
GHSA-8FJ7-8H3W-XWFM vulnerabilities
Vulnerabilities for packages: mattermost, zot, pulumi-language-java, cloud-sql-proxy, pulumi, flux-operator, melange, kube-vip, kyverno-policy-reporter, harbor, linkerd2, crossplane-provider-aws-route53, crossplane-provider-aws-lambda, flux, crossplane-provider-aws-cloudformation, cilium-cli, kub...
CLEANSTART-2026-BY85815 OpenTelemetry-Go is the Go implementation of OpenTelemetry
Multiple security vulnerabilities affect the argo-workflows package. OpenTelemetry-Go is the Go implementation of OpenTelemetry. See references for individual vulnerability details...
Malicious code in amigapythonupdater (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 46cf32631436ddacf36a4984b254c10554b4e94c6099c5012a96ec3a7c5426a1 During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...
MAL-2026-1142 Malicious code in wisecloudcyberark (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f0e320bedb4902833dec6f929dff31967c3d37ce699cb0ed5bc586f36f36b25e During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...
Malicious code in fwk-amigapython (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8b565888509e90341d144143aa8e323b0e295d74f3857af52d94930d9d03a30f During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...
MAL-2026-1137 Malicious code in fwk-amigapython (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8b565888509e90341d144143aa8e323b0e295d74f3857af52d94930d9d03a30f During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...
Malicious code in fwk-amigapython-amigamlserver (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5d6f09429b123469b1fc83ceb4af35c595ff4b6e2631552fc857922ca921c4c5 During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software...