174 matches found
Astra Linux – Vulnerability in Linux 5.10
The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel, as of v5.16-rc5, did not properly update the bounds when handling the mov32 instruction. This issue allows local users to obtain potentially sensitive address information, also known as a “pointer leak.”...
CVE-2026-3008
Successful exploitation of the string injection vulnerability could allow an attacker to obtain memory address information or crash the application...
Plack::Middleware::Statsd Security Vulnerability
Plack::Middleware::Statsd is a middleware component for logging web request metrics and sending them to a statistics system by Robert Rothenberg, an individual developer. A security vulnerability exists in Plack::Middleware::Statsd prior to version 0.9.0, which stems from an unencrypted...
GitLab Enterprise Edition (EE) Code Injection Vulnerability
GitLab Enterprise Edition (EE) is a content management system developed by the American company GitLab. Versions of GitLab Enterprise Edition prior to 18.8.9, 18.9.5, and 18.10.3 contained a code injection vulnerability. This vulnerability stemmed from authorization issues in the code quality repor...
EUVD-2025-209075
HCL Aftermarket DPC is affected by an Internal IP Disclosure vulnerability that will give attackers a clearer map of the organization’s network layout...
CVE-2025-55276
HCL Aftermarket DPC is affected by an Internal IP Disclosure vulnerability that will give attackers a clearer map of the organization’s network layout...
CVE-2025-55276 HCL Aftermarket DPC is affected by Internal IP Disclosure vulnerability
HCL Aftermarket DPC is affected by an Internal IP Disclosure vulnerability that will give attackers a clearer map of the organization’s network layout...
CVE-2025-55276
CVE-2025-55276 concerns HCL Aftermarket DPC and an Internal IP Disclosure issue. Public documents describe an ability for an attacker to obtain a clearer map of an organization’s network layout, potentially aiding further attacks. NVD lists CVSS v3.1 base score 5.3 (Network vector, Low confidenti...
EUVD-2026-5330
Magento-lts is a long-term support alternative to Magento Community Edition (CE). Prior to version 20.16.1, the admin URL can be discovered without prior knowledge of its location by exploiting the X-Original-Url header on some configurations. This issue has been patched in version 20.16.1...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000213)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000213 advisory. The Linux kernel 4.x starting from 4.1 and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, i...
EUVD-2019-9502
Malware in sbrugna...
EUVD-2019-7495
Malware in sbrugna...
EUVD-2020-5267
Malware in sbrugna...
EUVD-2004-1796
Malware in sbrugna...
EUVD-2019-0981
Malware in sbrugna...
EUVD-2017-12241
Malware in sbrugna...
EUVD-2019-7423
Malware in sbrugna...
CVE-2025-59055 InstantCMS vulnerable to Server-Side Request Forgery via package installer
InstantCMS is a free and open source content management system. A blind Server-Side Request Forgery (SSRF) vulnerability in InstantCMS up to and including 2.17.3 allows authenticated remote attackers to make any HTTP/HTTPS request via the package parameter. It is possible to make any HTTP/HTTPS...
Linux Distros Unpatched Vulnerability : CVE-2018-6790
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP...