11 matches found
SUSE CVE-2026-29111
systemd, a system and service manager, as PID 1 hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this i...
CVE-2019-25463
SpotIE Internet Explorer Password Recovery 2.9.5 contains a denial of service vulnerability in the registration key input field that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a 256-character payload into the Key field during...
Malicious code in elf-stats-sprucey-snowman-250 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 985dc0068af9fe29b65ed1a6bcd3ac544044ef5843f05a1149a1b5c87661c351 The package elf-stats-sprucey-snowman-250 was found to contain malicious code...
CVE-2025-25040
CVE-2025-25040 affects HPE Aruba CX 9300 CX-9300 switches running AOS-CX. The issue is in port ACL enforcement on routed ports for egress traffic, allowing bypass of ACLs and potential unauthorized traffic flow. Affected: AOS-CX 10.14.xxxx (all patches) and 10.15.xxxx (10.15.1000 and below). Not ...
AZL-79060 CVE-2023-39325 affecting package golang 1.25.7-1
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...
AZL-35121 CVE-2023-39325 affecting package prometheus-adapter for versions less than 0.12.0-1
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...
CVE-2022-2577
creationtimestamp| type| source ---|---|--- 2022-07-29 20:13:43+00:00| seen| https://t.me/cibsecurity/47268...
CVE-2022-25866
creationtimestamp| type| source ---|---|--- 2022-04-25 20:36:39+00:00| seen| https://t.me/cibsecurity/41409...
OPENSUSE-SU-2020:1497-1 Security update for singularity
This update for singularity fixes the following issues: New version 3.6.3, addresses the following security issues: - CVE-2020-25039, boo1176705 When a Singularity action command run, shell, exec is run with the fakeroot or user namespace option, Singularity will extract a container image to a...
The vulnerability of the software for configuring Schneider Electric Easergy Builder controllers and the micro-software for the modular controller used in automating transformer substations (Schneider Electric Easergy T300, HU250) lies in its weak password requirements. This allows a hacker to compromise the user’s credentials.
The vulnerability of the software for configuring Schneider Electric Easergy Builder controllers and the micro-software for the modular controller used in automating transformer substations—Schneider Electric Easergy T300 HU250—is related to weak password requirements. Exploiting this vulnerabili...
Pivotal Software Cloud Foundry cf-release and CAPI-release denial of service vulnerabilities
Pivotal Software Cloud Foundry CF is a suite of open source Platform-as-a-Service PaaS cloud computing platforms from Pivotal Software in the United States, which provides container scheduling, continuous delivery, and automated service deployment, among other capabilities. cf-release and...