14 matches found
CVE-2026-45179 Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses
Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses. If the communication channel to the statsd daemon is not secured for example, by sending UDP packets to a host on another network, then users' IP addresses may be leaked. Since version 0.9.0, the IP address is no...
CVE-2026-1516 Improper Control of Generation of Code ('Code Injection') in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 18.0.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that in Code Quality reports could have allowed an authenticated user to leak IP addresses of users viewing the report via specially crafted content...
CVE-2025-70616
A stack buffer overflow vulnerability exists in the Wincor Nixdorf wnBios64.sys kernel driver version 1.2.0.0 in the IOCTL handler for code 0x80102058. The vulnerability is caused by missing bounds checking on the user-controlled Options parameter before copying data into a 40-byte stack buffer...
EUVD-2021-16414
Malware in sbrugna...
EUVD-2003-0748
Malware in sbrugna...
EUVD-2025-27526
Malicious code in bioql PyPI...
CVE-2024-40090
Vilo 5 Mesh WiFi System = 5.16.1.33 is vulnerable to Information Disclosure. An information leak in the Boa webserver allows remote, unauthenticated attackers to leak memory addresses of uClibc and the stack via sending a GET request to the index page...
CVE-2023-38302
A certain software build for the Sharp Rouvo V device SHARP/VZWSTTM21VAPP/STTM21VAPP:12/SP1A.210812.016/1KN00530:user/release-keys leaks the Wi-Fi MAC address and the Bluetooth MAC address to system properties that can be accessed by any local app on the device without any permissions or special...
SonicOS SSLVPN service unauthenticated malicious HTTP request leads to memory addresses leak
A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service DoS on the firewall SSLVPN service by sending a malicious HTTP request that leads to memory addresses leak. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7,...
CVE-2019-7715
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. The main shell handler function uses the value of the environment variable ipcom.shell.greeting as the first argument to printf. Setting this variable using the sysvar command results in a...
Amazon Linux AMI : kernel (ALAS-2018-944)
Race condition in rawsendmsg function allows denial-of-service or kernel addresses leak A flaw was found in the Linux kernel's implementation of rawsendmsg allowing a local attacker to panic the kernel or possibly leak kernel addresses. A local attacker, with the privilege of creating raw sockets...
Important: kernel
Issue Overview: Race condition in rawsendmsg function allows denial-of-service or kernel addresses leak A flaw was found in the Linux kernel's implementation of rawsendmsg allowing a local attacker to panic the kernel or possibly leak kernel addresses. A local attacker, with the privilege of...
VMware Fusion Local Information Disclosure Vulnerability
VMware Fusion allows Windows applications to run seamlessly on Intel-based Mac machines. A local information disclosure vulnerability exists in VMware Fusion. Since System Integrity Protection SIP is enabled by default on Mac OS X, a local attacker can exploit the vulnerability to obtain kernel...
OpenJDK DNS server IP address information leak (6957564)
Unspecified vulnerability in the Java Naming and Directory Interface JNDI component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.227 allows remote attackers to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the October...