8 matches found
EEF-CVE-2026-32689 Long-poll NDJSON body splitting causes unbounded memory allocation in Phoenix
Summary: Allocation of Resources Without Limits or Throttling vulnerability in phoenixframework phoenix allows a denial of service via the long-poll transport's NDJSON body handling. In 'Elixir.Phoenix.Transports.LongPoll':publish/4, when a POST request is received with Content-Type:...
PT-2023-30383 · WordPress · Wp All Export Pro +1
Name of the Vulnerable Software and Affected Versions: Export any WordPress data to XML/CSV WordPress plugin versions prior to 1.4.0; WP All Export Pro WordPress plugin versions prior to 1.8.6. Description: The issue concerns the lack of validation and sanitization of the wp query parameter, allowi...
PT-2023-3418 · Libx11 +9 · Libx11 +9
Name of the Vulnerable Software and Affected Versions: libX11 versions prior to 1.8.6. Description: A security flaw was found in libX11 due to functions in src/InitExt.c not checking if the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those function...
VMware Harbor Container Registry for Pivotal Platform Elevation of Privilege Vulnerability
VMware Harbor Container Registry for Pivotal Platform is a product of VMware. An elevation of privilege vulnerability exists in VMware Harbor Container Registry for Pivotal Platform version 1.9 prior to 1.9.3 and version 1.8 prior to 1.8.6. The vulnerability can be exploited to reset passwords an...
DEBIAN-CVE-2016-8640
A SQL injection vulnerability in pycsw all versions before 2.0.2, 1.10.5 and 1.8.6 that allows reading and extracting any data from any table in the pycsw database that the database user has access to. Also, on PostgreSQL at least, it is possible to perform updates/inserts/deletes and database...
MyBB has multiple vulnerabilities (CNVD-2016-11610)
MyBB aka MyBulletinBoard is a free and web-based forum software developed by MyBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. Multiple security vulnerabilities exist in versions of MyBB prior to 1.8.6, including SQL injectio...
DEBIAN-CVE-2013-2477
The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet...
DEBIAN-CVE-2013-2485
The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet...