14 matches found
CVE-2026-4735
Deserialization of Untrusted Data vulnerability in DTStack chunjun chunjun-core/src/main/java/com/dtstack/chunjun/util modules. This vulnerability is associated with program files GsonUtil.Java. This issue affects chunjun: before 1.16.1...
CVE-2026-4735
CVE-2026-4735 affects DTStack chunjun (chunjun-core/util) with a deserialization of untrusted data in GsonUtil.Java, leading to a stack overflow/DoS for versions before 1.16.1. Multiple sources corroborate the issue in chunjun up to 1.16.0, with Red Hat and PT-Security entries aligning on the vul...
CVE-2026-4735 A stack overflow and DoS vulnerability in DTStack/chunjun
Deserialization of Untrusted Data vulnerability in DTStack chunjun chunjun-core/src/main/java/com/dtstack/chunjun/util modules. This vulnerability is associated with program files GsonUtil.Java. This issue affects chunjun: before 1.16.1...
CVE-2026-23846 Tugtainer vulnerable to Password Exposure via URL Query Parameter
Tugtainer is a self-hosted app for automating updates of Docker containers. In versions prior to 1.16.1, the password authentication mechanism transmits passwords via URL query parameters instead of the HTTP request body. This causes passwords to be logged in server access logs and potentially...
Linux Distros Unpatched Vulnerability : CVE-2019-10785
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dojox is vulnerable to Cross-site Scripting in all versions before version 1.16.1, 1.15.2, 1.14.5, 1.13.6, 1.12.7 and 1.11.9. This is due to...
UBUNTU-CVE-2020-22217
Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c...
UBUNTU-CVE-2021-3935
When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption. This flaw affects PgBouncer versions prior to 1.16.1...
Cloud Foundry Garden-runC release denial of service vulnerability
Cloud Foundry Garden-runC is a set of Garden-based container systems from the U.S. Cloud Foundry Foundation. A security vulnerability exists in Cloud Foundry Garden-runC versions prior to 1.16.1. A remote attacker could exploit this vulnerability to cause a denial of service for new or existing...
PT-2018-10214 · Foreman · Foreman
Name of the Vulnerable Software and Affected Versions: foreman versions prior to 1.16.1 Description: A flaw was found in the software that allows users with limited permissions for powering oVirt/RHV hosts on and off to discover the username and password used to connect to the compute resource...
PT-2018-8407 · Mit +4 · Kerberos +4
Name of the Vulnerable Software and Affected Versions: Kerberos versions prior to 1.16.1 Description: An authentication bypass flaw was found in the way krb5's certauth interface handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially us...