CVE-2026-40982
Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack. Spring Cloud Config 3.1.x: affected from...
Wireshark Security Update (wnpa-sec-2025-04) - Windows
Wireshark is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:wireshark:wireshark"...
Dell Enterprise SONiC OS Operating System Command Injection Vulnerability
Dell Enterprise SONiC OS (Dell Enterprise Sonic Operating System) is an open-source network operating system from Dell, USA. An operating system command injection vulnerability exists in Dell Enterprise SONiC OS versions 4.1.x and 4.2.x. The vulnerability stems from improper neutralization of...
SUSE CVE-2015-7701
Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption)...
CVE-2021-38427
RTI Connext DDS Professional and Connext DDS Secure Versions 4.2.x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code...
CVE-2021-38427 RTI Connext DDS Professional and Connext DDS Secure Stack-based Buffer Overflow
RTI Connext DDS Professional and Connext DDS Secure Versions 4.2.x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code...
DEBIAN-CVE-2022-28890
A vulnerability in the RDF/XML parser of Apache Jena allows an attacker to cause an external DTD to be retrieved. This issue affects Apache Jena version 4.4.0 and prior versions. Apache Jena 4.2.x and 4.3.x do not allow external entities...
Asken Diet Input Validation Error Vulnerability
Asken Diet is a health and diet calorie counting app from Asken Japan. It gets the user's weight goals and health data and creates programs to help guide the user to become healthier. A security vulnerability exists in Asken Diet versions v.3.0.0 through v.4.2.x that stems from incorrect authorizati...
PT-2021-14189 · あすけんダイエット · あすけんダイエット
Name of the Vulnerable Software and Affected Versions: あすけんダイエット asken diet versions 3.0.0 through 4.2.x Description: The issue is related to improper authorization in the handler for a custom URL scheme, allowing a remote attacker to lead a user to access an arbitrary website via the vulnerable...
Pivotal Software Spring Security Authentication Vulnerability
Pivotal Software Spring Security is a suite of security frameworks from Pivotal Software, Inc. that provide illustrative security protection for Spring-based applications. A security vulnerability exists in Pivotal Software Spring Security versions 4.2.x through 4.2.12 and older versions that are...
vBulletin 'url' parameter open redirect vulnerability
vBulletin is an open source commercial web forum program jointly developed by Internet Brands and vBulletin Solutions, Inc. of the United States. An open redirect vulnerability exists in vBulletin versions 3.x.x and 4.2.x through 4.2.5. An attacker can exploit this vulnerability by sending the 'url'...
CVE-2013-4370
The ocaml binding for the xc_vcpu_getaffinity function in Xen 4.2.x and 4.3.x frees certain memory that may still be intended for use, which allows local users to cause a denial of service (heap corruption and crash) and possibly execute arbitrary code via unspecified vectors that trigger a (1)...