64 matches found

ATTACKERKB
added 2026/05/13 2:44 p.m. | 3 views

CVE-2026-44294

protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs generated JavaScript property accessors from schema-controlled field and oneof names. Certain control characters in field names were not escaped before being embedded into generated functio...

5.3 CVSS | 5.8 AI score | 0.00044 EPSS
Exploits 0 | References 2 | Affected Software 1
CVE
added 2026/05/13 2:42 p.m. | 8 views

CVE-2026-44291

CVE-2026-44291 affects protobufjs: prior to versions 7.5.6 and 8.0.2, internal type lookup tables used by generated encode/decode functions could be polluted via Object.prototype, allowing attacker-controlled inherited properties to influence protobuf type information and potentially emit attacke...

8.1 CVSS | 5.8 AI score | 0.00023 EPSS
Exploits 0 | References 1 | Affected Software 1
AstraLinux
added 2026/05/03 11:59 p.m. | 4 views

Astra Linux - vulnerability in redis

Redis is an open-source, in-memory database that persists data on disk. In versions starting from 7.0.0 up to before 8.0.2, there was a stack-based buffer overflow vulnerability in redis-check-aof due to the use of memcpy with strlen(filepath) when copying a user-supplied file path into a fixed-siz...

9.8 CVSS | 6.6 AI score | 0.00269 EPSS
Exploits 0 | References 2
NVD
added 2026/03/25 5:16 p.m. | 2 views

CVE-2026-25401

Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace wpcargo allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPCargo Track & Trace: from n/a through <= 8.0.2...

7.5 CVSS | 0.00047 EPSS
Exploits 0 | References 1
CNNVD
added 2026/03/25 12:00 a.m. | 2 views

WordPress plugin WPCargo Track & Trace security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.5 CVSS | 5.8 AI score | 0.00047 EPSS
Exploits 0 | References 1
vulnersOsv
added 2026/03/19 5:49 p.m. | 3 views

@dicebear/collection (>=8.0.0 <=8.0.2), dicebear (>=8.0.0 <=8.0.2) potentially affected by CVE-2026-33311 via @dicebear/initials (>=8.0.0 <=8.0.2)

@dicebear/initials NPM version =8.0.0, =8.0.0, =8.0.0, =8.0.2 Source cves: CVE-2026-33311 Source advisory: SNYK:JS-DICEBEARINITIALS-15746953...

4.7 CVSS | 5.8 AI score | 0.00013 EPSS
Exploits 0
Tenable Nessus
added 2025/12/04 12:00 a.m. | 3 views

Suricata 8.x < 8.0.2 Multiple Vulnerabilities

The version of OISF Suricata installed on the remote host is 8.x prior to 8.0.2. It is, therefore, affected by multiple vulnerabilities: - Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to...

7.5 CVSS | 5.3 AI score | 0.00094 EPSS
Exploits 0 | References 4
NVD
added 2025/11/26 11:15 p.m. | 2 views

CVE-2025-64344

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected wh...

7.5 CVSS | 0.00071 EPSS
Exploits 0 | References 2
OSV
added 2025/11/26 11:05 p.m. | 5 views

CVE-2025-64344 Suricata is vulnerable to a stack overflow from unbounded stack allocation in LuaPushStringBuffer

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected wh...

7.5 CVSS | 6.8 AI score | 0.00071 EPSS
Exploits 0 | References 4
Cvelist
added 2025/11/26 11:05 p.m. | 5 views

CVE-2025-64344 Suricata is vulnerable to a stack overflow from unbounded stack allocation in LuaPushStringBuffer

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected wh...

7.5 CVSS | 0.00071 EPSS
Exploits 0 | References 2
Vulnrichment
added 2025/11/26 11:03 p.m. | 3 views

CVE-2025-64330 Suricata is vulnerable to a heap buffer overflow on verdict

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...

7.5 CVSS | 6.6 AI score | 0.00076 EPSS
Exploits 0 | References 2
Cvelist
added 2025/11/26 11:03 p.m. | 7 views

CVE-2025-64330 Suricata is vulnerable to a heap buffer overflow on verdict

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...

7.5 CVSS | 0.00076 EPSS
Exploits 0 | References 2
CVE
added 2025/11/26 10:57 p.m. | 12 views

CVE-2025-64333

CVE-2025-64333: Suricata before 7.0.13 and 8.0.2 can stack overflow when logging a large HTTP content type; patched in 7.0.13/8.0.2. Workarounds include limiting stream.reassembly.depth to less than half the stack size; increasing process stack size reduces trigger likelihood.

7.5 CVSS | 6.4 AI score | 0.00076 EPSS
Exploits 0 | References 1 | Affected Software 1
CNNVD
added 2025/11/26 12:00 a.m. | 2 views

Suricata code issue vulnerability

Suricata is a network IDS, IPS and NSM engine from the Open Information Security Foundation. A code issue vulnerability exists in Suricata versions 8.0.0 up to but not including 8.0.2: the entropy keyword, when used with base64data, may result in a null pointer dereference...

7.5 CVSS | 6.5 AI score | 0.00094 EPSS
Exploits 0 | References 2
Metasploit
added 2025/11/14 6:57 p.m. | 397 views

Fortinet FortiWeb create new local admin

This auxiliary module exploits an authentication bypass via path traversal vulnerability in the Fortinet FortiWeb management interface to create a new local administrator user account. This vulnerability affects the following versions: FortiWeb 8.0.0 through 8.0.1 (patched in 8.0.2 and above)...

9.8 CVSS | 6 AI score | 0.9299 EPSS
Exploits 15
Positive Technologies
added 2025/11/05 12:00 a.m. | 2 views

PT-2025-48199

Name of the Vulnerable Software and Affected Versions: Suricata versions 8.0.0 through 8.0.1. Description: Suricata is a network IDS, IPS and NSM engine. Versions from 8.0.0 through 8.0.1 are susceptible to unbounded memory growth during decompression of compressed HTTP data. Disabling LZMA...

7.8 CVSS | 6.6 AI score | 0.01059 EPSS
Exploits 3 | References 73
Positive Technologies
added 2025/11/05 12:00 a.m. | 3 views

PT-2025-48205

Name of the Vulnerable Software and Affected Versions: Suricata versions prior to 7.0.13; Suricata versions prior to 8.0.2. Description: Suricata is a network IDS, IPS and NSM engine. Versions of Suricata prior to 7.0.13 and 8.0.2 are susceptible to a stack overflow that can cause the software to cra...

7.8 CVSS | 6.8 AI score | 0.01059 EPSS
Exploits 3 | References 73
EUVD
added 2025/10/03 8:07 p.m. | 3 views

EUVD-2022-3317

Malicious code in bioql PyPI...

8.8 CVSS | 8.6 AI score | 0.00258 EPSS
Exploits 0 | References 4
EUVD
added 2025/10/03 8:07 p.m. | 2 views

EUVD-2023-2366

Malicious code in bioql PyPI...

6.5 CVSS | 6.5 AI score | 0.00415 EPSS
Exploits 1 | References 6
EUVD
added 2025/10/03 8:07 p.m. | 2 views

EUVD-2025-16375

Malicious code in bioql PyPI...

9.8 CVSS | 3.8 AI score | 0.00269 EPSS
Exploits 0 | References 3