100 matches found
CVE-2026-22078 O+ Connect's lack of authentication for IPC channels led to a local privilege escalation vulnerability.
Because O+ Connect's IPC service does not authenticate clients, external applications can escalate privileges and perform sensitive actions through the IPC channel...
CVE-2026-9137
The CSP report endpoint in MISP intended to limit logged CSP reports to 1 KB but incorrectly allowed reports up to 1 MB before truncation. On deployments where the endpoint is reachable by untrusted clients, this could allow attackers to generate excessive log volume and contribute to resource...
CVE-2026-9137
The CSP report endpoint in MISP intended to limit logged CSP reports to 1 KB but incorrectly allowed reports up to 1 MB before truncation. On deployments where the endpoint is reachable by untrusted clients, this could allow attackers to generate excessive log volume and contribute to resource...
EUVD-2026-31155
The CSP report endpoint intended to limit logged CSP reports to 1 KB but incorrectly allowed reports up to 1 MB before truncation. On deployments where the endpoint is reachable by untrusted clients, this could allow attackers to generate excessive log volume and contribute to resource exhaustion...
CVE-2026-9137 CSP Report Endpoint Log Flooding in MISP via Incorrect Size Limit
The CSP report endpoint in MISP intended to limit logged CSP reports to 1 KB but incorrectly allowed reports up to 1 MB before truncation. On deployments where the endpoint is reachable by untrusted clients, this could allow attackers to generate excessive log volume and contribute to resource...
PT-2026-42248
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The CSP report endpoint incorrectly allowed reports up to 1 MB before truncation, despite being intended to limit logged CSP reports to 1 KB. When this endpoint ...
BIT-ETCD-2026-33413 etcd: Authorization bypasses in multiple APIs
etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, unauthorized users may bypass authentication or authorization checks and call certain etcd functions in clusters that expose the gRPC API to untrusted or partially trusted...
UBUNTU-CVE-2026-33413
etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, unauthorized users may bypass authentication or authorization checks and call certain etcd functions in clusters that expose the gRPC API to untrusted or partially trusted...
CVE-2022-23455
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files...
PT-2026-20305
Name of the Vulnerable Software and Affected Versions Rack versions prior to 2.2.22 Rack versions prior to 3.1.20 Rack versions prior to 3.2.5 Description The Rack::Directory component had a path check that used a string prefix match on the expanded path. A crafted request, such as /../root...
EulerOS 2.0 SP10 : mod_http2 (EulerOS-SA-2025-2423)
According to the versions of the modhttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In certain proxy configurations, a denial of service attack againstApache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by...
Astra Linux β Vulnerability in Apache2
In certain proxy configurations, a denial-of-service attack against Apache HTTP Server versions 2.4.26 through 2.4.63 can occur when untrusted clients trigger an assertion in modproxyhttp2. The configurations affected include reverse proxies configured for HTTP/2 backends, where ProxyPreserveHost...
EUVD-2020-28061
Malware in sbrugna...
EUVD-2021-0119
Malware in sbrugna...
EUVD-2019-8507
Malware in sbrugna...
EUVD-2020-28060
Malware in sbrugna...
EUVD-2020-28062
Malware in sbrugna...
EUVD-2020-28059
Malware in sbrugna...
EUVD-2020-28064
Malware in sbrugna...
EUVD-2025-21017
Malicious code in bioql PyPI...