Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the AFXDP binding not verifying whether the device MTU is suitable for the UMEM frame size,...

Tenda F456 缓冲区错误漏洞

The Tenda F456 is a wireless router produced by the Chinese company Tenda. Version 1.0.0.5 of the Tenda F456 contains a buffer error vulnerability. This vulnerability stems from the operation of the parameter “page” in the goform/SetIpBind function within the httpd component, which may lead to a...

EUVD-2026-13844

Under certain conditions, an attacker could bind to the same port used by WebCTRL. This could allow the attacker to craft and send malicious packets and impersonate the WebCTRL service without requiring code injection into the WebCTRL software...

CVE-2026-33013

Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. Versions prior to both 4.10.16 and 3.10.5 do not correctly handle descending array index order during form-urlencoded body binding in...

CVE-2026-26057

The CVE-2026-26057 entry is complemented by a concrete advisory for Skill-scanner (Skill-scanner API Server). Affected: Skill-scanner 1.0.1 and earlier when API Server is enabled. Root cause: erroneous binding to multiple interfaces. Impact: unauthenticated remote attacker can trigger DoS via res...

Skill-scanner Unsecured Network Binding Vulnerability

Description: A vulnerability in the API Server of Skill Scanner could allow a unauthenticated, remote attacker to interact with the server API and either trigger a denial of service DoS condition or upload arbitrary files. This vulnerability is due to an erroneous binding to multiple interfaces. ...

EUVD-2021-1599

Malware in sbrugna...

EUVD-2012-1843

Malware in sbrugna...

EUVD-2022-6263

Malicious code in bioql PyPI...

EUVD-2022-0623

Malicious code in bioql PyPI...

EUVD-2022-40030

Malicious code in bioql PyPI...

NiceGUI has a Reflected XSS

Summary A Cross-Site Scripting XSS risk exists in NiceGUI when developers render unescaped user input into the DOM using ui.html. Before version 3.0, NiceGUI does not enforce HTML or JavaScript sanitization, so applications that directly combine components like ui.input with ui.html without...

CVE-2025-55322

Binding to an unrestricted ip address in GitHub allows an unauthorized attacker to execute code over a network...

CVE-2025-49146

pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding set to required default value is prefer, the driver would incorrectly allow connections to proceed with authentication methods that do not support...

CVE-2024-48548

The APK file in Cloud Smart Lock v2.0.1 has a leaked a URL that can call an API for binding physical devices. This vulnerability allows attackers to arbitrarily construct a request to use the app to bind to unknown devices by finding a valid serial number via a bruteforce attack...

CVE-2022-24190

The /device/acceptBind end-point for Ourphoto App version 1.4.1 does not require authentication or authorization. The usertoken header is not implemented or present on this end-point. An attacker can send a request to bind their account to any users picture frame, then send a POST request to acce...

CVE-2010-0521

Server Admin in Apple Mac OS X Server before 10.6.3 does not properly enforce authentication for directory binding, which allows remote attackers to obtain potentially sensitive information from Open Directory via unspecified LDAP requests...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2025:0427-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0427-1 advisory. - CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section bsc1236596 Tenable has extracte...

cups-filters security update

1.28.7-17.0.1 - header/footer not being printed in banner page. Orabug: 28265099 [email protected] - Fixes Orabug: 29163824 source indentation not following convention [email protected] 1.28.7-17 - fix rpmverify error 1.28.7-16 - CVE-2024-47175 cups-filters: remote command injection via...