169 matches found
MPEG-4 container plugin for Membrane Framework 安全漏洞
The MPEG-4 container plugin for Membrane Framework is an open-source plugin developed by Membrane Framework for parsing and multiplexing MP4 containers. Versions of the MPEG-4 container plugin for Membrane Framework from 0.3.0 to 0.36.7 contained security vulnerabilities. These vulnerabilities...
EUVD-2026-31114
PhoenixStorybook: Unbounded atom creation from LiveView event params atom-table DoS...
CVE-2026-48597
Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Adapter.Mint.openconn/2 converts the URL scheme of every outgoing request to a BEAM atom via String.toatomuri.scheme with no...
CVE-2026-48597
The vulnerability CVE-2026-48597 affects elixir-tesla (Tesla) where Tesla.Adapter.Mint.open_conn/2 converts each outgoing request URL scheme to a BEAM atom using String.to_atom(uri.scheme) without an allow-list. Since BEAM atoms are not garbage-collected, an attacker who can influence the request...
PT-2026-45840
Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Adapter.Mint.open conn/2 converts the URL scheme of every outgoing request to a BEAM atom via String.to atomuri.scheme with no...
CVE-2026-47067
Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. The URL parser in src/hackneyurl.erl converts every unrecognized URL scheme to a permanent BEAM atom via binarytoatom/2. BEAM atoms are never garbage-collected and the atom table defaults to a...
CVE-2026-47067
Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. The URL parser in src/hackneyurl.erl converts every unrecognized URL scheme to a permanent BEAM atom via binarytoatom/2. BEAM atoms are never garbage-collected and the atom table defaults to a...
EEF-CVE-2026-8469 Unauthenticated denial-of-service via BEAM atom table exhaustion in phoenix_storybook
Summary Allocation of Resources Without Limits or Throttling vulnerability in phenixdigital phoenixstorybook allows unauthenticated denial-of-service via BEAM atom table exhaustion. Multiple LiveView event handlers convert user-supplied event parameter strings to atoms using String.toatom/1 witho...
PT-2026-42180
Name of the Vulnerable Software and Affected Versions phenixdigital phoenix storybook versions 0.2.0 through 1.0.x Description An unauthenticated denial-of-service can occur via BEAM atom table exhaustion. Multiple LiveView event handlers convert user-supplied event parameter strings to atoms usi...
CLSA-2026-1778142227 nginx: Fix of 2 CVEs
CVE-2026-27651: fix null pointer dereference in ngxmailauthhttpmodule when authentication retry is enabled with CRAM-MD5 or APOP - CVE-2026-32647: fix buffer over-read/write in ngxhttpmp4module when processing crafted mp4 files with empty stco/co64 atoms...
Malicious code in @mesh-atoms/typography (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec6ac39821bf7c99a476b848fcfccf47089487d33dc8eeb893b9f87e6dc7f847 The package @mesh-atoms/typography was found to contain malicious code...
MAL-2026-2715 Malicious code in @mesh-atoms/typography (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec6ac39821bf7c99a476b848fcfccf47089487d33dc8eeb893b9f87e6dc7f847 The package @mesh-atoms/typography was found to contain malicious code...
Ash Framework 资源管理错误漏洞
Ash Framework is an open-source framework used for building Elixir applications. Versions of Ash Framework prior to 3.22.0 contained a resource management vulnerability. This vulnerability stems from Ash.Type.Module.castinput/2, which “Elixir.”, thereby creating new Erlang atoms. This could lead ...
EUVD-2011-0275
Malware in sbrugna...
EUVD-2011-0278
Malware in sbrugna...
EUVD-2011-0276
Malware in sbrugna...
EUVD-2020-24929
Malware in sbrugna...
EUVD-2017-5240
Malware in sbrugna...
EUVD-2020-24959
Malware in sbrugna...
EUVD-2020-24931
Malware in sbrugna...