CVE-2026-41178 OpenTelemetry-Go's baggage parsing no longer caps raw header length

OpenTelemetry-Go is the Go implementation of OpenTelemetry. Versions 1.41.0 and 1.43.0 removed raw-length rejection and it causes Parse to process arbitrarily large/invalid baggage headers and log errors, enabling DoS via oversized inputs. Versions 1.42.0 and 1.44.0 fix the issue...

Astra Linux – Vulnerability in connman

In ConnMan version 1.41, remote attackers who can send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in receiveddata to execute arbitrary code...

SOPlanning 1.41 SQL Injection

A SQL injection vulnerability exists in SOPlanning version 1.41. The vulnerability allows remote attackers to execute arbitrary SQL commands and potentially compromise the database. This issue is older research added to the archive...

CVE-2024-28131

EasyRange Ver 1.41 contains an issue with the executable file search path when displaying an extracted file on Explorer, which may lead to loading an executable file resides in the same folder where the extracted file is placed. If this vulnerability is exploited, arbitrary code may be executed...

lmxcms 安全漏洞

lmxcms dream cms is a website builder from China Dream Cms lmxcms company. A security vulnerability exists in lmxcms version 1.41, which originates from SQL injection due to incorrect operation of the parameter sortid in the file cadminx005fx001atAction.class.php...

PT-2025-20663 · Lmxcms · Lmxcms

Name of the Vulnerable Software and Affected Versions: LmxCMS version 1.41 Description: A critical issue has been found in the function manageZt of the file cadminZtAction.class.php of the component POST Request Handler. The manipulation of the argument sortid leads to SQL injection. It is possib...

PT-2025-4805 · Unknown +1 · Refreshspecial Extension +1

Name of the Vulnerable Software and Affected Versions: Mediawiki - RefreshSpecial Extension versions 1.39.X through 1.39.11 Mediawiki - RefreshSpecial Extension versions 1.41.X through 1.41.3 Mediawiki - RefreshSpecial Extension versions 1.42.X through 1.42.2 Description: The issue is related to...

Mediawiki OpenBadges Extension 跨站脚本漏洞

Mediawiki OpenBadges Extension is an extension of the Wikimedia Foundation USA. A cross-site scripting vulnerability exists in Mediawiki OpenBadges Extension. An attacker exploiting this vulnerability could perform a cross-site scripting attack. The following versions are affected: version 1.39.X...

EasyRanges 安全漏洞

EasyRanges is a small Julia package from the individual developer Éric Thiébaut. A security vulnerability exists in EasyRanges version 1.41, which stems from an issue with EasyRange that contains search paths for executables, which could lead to loading executables located in the same folder as t...

CVE-2023-46958

An issue in lmxcms v.1.41 allows a remote attacker to execute arbitrary code via a crafted script to the admin.php file...

CVE-2023-46958

An issue in lmxcms v.1.41 allows a remote attacker to execute arbitrary code via a crafted script to the admin.php file...

lmxcms Security Vulnerabilities

lmxcms dream cms is a website builder from China Dream Cms lmxcms company. A security vulnerability exists in lmxcms version v.1.41, which originated from a vulnerability that allows remote attackers to execute arbitrary code via a carefully crafted script...

PT-2023-30271 · Lmxcms · Lmxcms

Name of the Vulnerable Software and Affected Versions: lmxcms version 1.41 Description: An issue in lmxcms allows a remote attacker to execute arbitrary code via a crafted script to the "admin.php" file. Recommendations: For lmxcms version 1.41, consider disabling access to the "admin.php" file a...

Connman 缓冲区错误漏洞

Connman is a connection manager. A security vulnerability exists in ConnMan version 1.41 and earlier. An attacker could exploit the vulnerability to cause a buffer overflow on the stack and a denial of service, which could terminate the connman process...

CVE-2023-1321

A vulnerability has been found in lmxcms 1.41 and classified as critical. Affected by this vulnerability is the function update of the file AcquisiAction.class.php. The manipulation of the argument id with the input -1 and updatexml0,concat0x7e,user,1 leads to sql injection. The attack can be...

PT-2023-15571 · Lmxcms · Lmxcms

Name of the Vulnerable Software and Affected Versions: lmxcms version 1.41 Description: The issue is related to an arbitrary file read vulnerability. It affects the TemplateAction.class.php file, allowing unauthorized access to files. Recommendations: For lmxcms version 1.41, consider restricting...

CVE-2022-45920

In Softing uaToolkit Embedded before 1.41, a malformed CreateMonitoredItems request may cause a memory leak...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel ConnMan version 1.41, which stems from the existence of a post-release reuse issue with WISPR, and can be exploited by an attack...

PT-2022-18833 · Jenkins · Jenkins Instant-Messaging Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins instant-messaging Plugin versions 1.41 and earlier Description: The issue allows passwords for group chats to be stored unencrypted in the global configuration file of plugins based on Jenkins instant-messaging Plugin on the Jenkins...

DEBIAN-CVE-2021-41801

The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time due to the job queue backlog...