8 matches found
PT-2026-48808
Summary Several Kolibri API endpoints accept an unvalidated baseurl parameter and fetch attacker-controlled URLs from the Kolibri server, reflecting the response body back to the caller. The original report identified two endpoints on the RemoteFacilityUser viewsets; remediation review found two...
Distribution 安全漏洞
Distribution is an open-source toolset developed by Distribution, used for packaging, transporting, storing, and delivering content. Versions of Distribution prior to 3.1.0 contained security vulnerabilities. These vulnerabilities stemmed from unvalidated domain URLs under the pull cache mode,...
Wget2: gnu wget2: memory corruption and crash via filename sanitization logic with attacker-controlled urls
...
CVE-2025-69195 Wget2: gnu wget2: memory corruption and crash via filename sanitization logic with attacker-controlled urls
A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote attacker can exploit this by providing a specially crafted...
CVE-2025-42896 Server-Side Request Forgery (SSRF) in SAP BusinessObjects Business Intelligence Platform
SAP BusinessObjects Business Intelligence Platform lets an unauthenticated remote attacker send crafted requests through the URL parameter that controls the login page error message. This can cause the server to fetch attacker-supplied URLs, resulting in low impact to confidentiality and integrit...
SUSE CVE-2019-10638
In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols e.g., UDP and ICMP. When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions of indices to the counter...
CVE-2020-16969
An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user. To exploit the vulnerability, an attacker could include...
Fedora 7 : libpng10-1.0.37-1.fc7 (2008-3979)
This update fixes the way that libpng10 handles unknown zero-length chunks, which in previous versions could result in writing to attacker controlled addresses, depending on how the libpng api is used. To be affected, an application would have to call pngsetkeepunknownchunks, which tells libpng n...