Central Authentication System (CAS) Server - Less critical - XML Element Injection - SA-CONTRIB-2026-007

This module enables you to turn a Drupal install into the Central Authentication System CAS. It makes your database the primary location for other systems to use for authentication in a SSO environment. The module doesn't sufficiently sanitize user-supplied field values configured to be included ...

CVE-2024-27913

ospfteparsete in ospfd/ospfte.c in FRRouting FRR through 9.1 allows remote attackers to cause a denial of service ospfd daemon crash via a malformed OSPF LSA packet, because of an attempted access to a missing attribute field...

Design/Logic Flaw

ospfteparsete in ospfd/ospfte.c in FRRouting FRR through 9.1 allows remote attackers to cause a denial of service ospfd daemon crash via a malformed OSPF LSA packet, because of an attempted access to a missing attribute field...

CVE-2024-27913

ospfteparsete in ospfd/ospfte.c in FRRouting FRR through 9.1 allows remote attackers to cause a denial of service ospfd daemon crash via a malformed OSPF LSA packet, because of an attempted access to a missing attribute field...

FRRouting Security Vulnerabilities

FRRouting is an open source network routing software suite from the FRRouting Project that runs on Unix-like platforms. A security vulnerability exists in FRRouting 9.1 and earlier versions , the vulnerability stems from a missing attribute field , a remote attacker can cause a denial of service...

CVE-2024-27913

ospfteparsete in ospfd/ospfte.c in FRRouting FRR through 9.1 allows remote attackers to cause a denial of service ospfd daemon crash via a malformed OSPF LSA packet, because of an attempted access to a missing attribute field...

PYSEC-2019-120

scapy 2.4.0 is affected by: Denial of Service. The impact is: infinite loop, resource consumption and program unresponsive. The component is: RADIUSAttrPacketListField.getfieldself... The attack vector is: over the network or in a pcap. both work...

PT-2019-11477 · Secdev +1 · Scapy +1

Name of the Vulnerable Software and Affected Versions: scapy version 2.4.0 Description: The issue is a Denial of Service that results in an infinite loop, resource consumption, and the program becoming unresponsive. The component affected is the RADIUSAttrPacketListField.getfieldself.. function...

CVE-2012-4848

Multiple cross-site scripting XSS vulnerabilities in IBM Lotus Foundations Start before 1.2.2c allow remote authenticated users to inject arbitrary web script or HTML via a Webconfig Users user-attribute field, as demonstrated by the 1 First Name or 2 Last Name field...

Microsoft Internet Explorer swapNode Handling Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...