4 matches found
EUVD-2026-39776
When used to deliver a signal to a specific thread, thrkill22 called pcansignal to determine whether the operation was permitted but did not check the result before delivering the signal. The signal was sent even when the permission check failed. The system call returned the resulting error to th...
CVE-2026-24130 Moonraker with LDAP Enabled Allows Malicious Search Filter Injection
Moonraker is a Python web server providing API access to Klipper 3D printing firmware. In versions 0.9.3 and below, instances configured with the "ldap" component enabled are vulnerable to LDAP search filter injection techniques via the login endpoint. The 401 error response message can be used t...
Fedora 15 : bugzilla-3.6.9-1.fc15 (2012-6396)
The following security issues have been discovered in Bugzilla : - When abusing the X-FORWARDED-FOR header, an attacker could bypass the lockout policy allowing a possible brute-force discovery of a valid user password. - An attacker can get access to some bug information using the victim's...
Fedora 16 : bugzilla-4.0.6-1.fc16 (2012-6368)
The following security issues have been discovered in Bugzilla : - When abusing the X-FORWARDED-FOR header, an attacker could bypass the lockout policy allowing a possible brute-force discovery of a valid user password. - An attacker can get access to some bug information using the victim's...