14 matches found

CVE
added 2026/03/26 6:21 a.m. | 98 views

CVE-2026-4747

CVE-2026-4747 is a FreeBSD vulnerability in the RPCSEC_GSS implementation (kgssapi.ko) where svc_rpc_gss_validate() copies attacker-controlled data into a 128-byte stack buffer without enforcing size, enabling a 304-byte overflow when credential bodies up to 400 bytes are supplied. This can lead ...

8.8 CVSS | 6.8 AI score | 0.0023 EPSS
Exploits: 3 | References: 3 | Affected Software: 1
FreeBSD
added 2026/03/25 12:00 a.m. | 7 views

FreeBSD -- Remote code execution via RPCSEC_GSS packet validation

Problem Description: Each RPCSEC_GSS data packet is validated by a routine which checks a signature in the packet. This routine copies a portion of the packet into a stack buffer, but fails to ensure that the buffer is sufficiently large, and a malicious client can trigger a stack overflow. Notabl...

8.8 CVSS | 6.8 AI score | 0.0023 EPSS
Exploits: 3
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2019-8495

Malware in sbrugna...

6.5 CVSS | 6.3 AI score | 0.07372 EPSS
Exploits: 0 | References: 5
EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2008-4213

Malware in sbrugna...

1.9 CVSS | 6.4 AI score | 0.00066 EPSS
Exploits: 0 | References: 7
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2010-3314

Malware in sbrugna...

3.3 CVSS | 4.6 AI score | 0.00072 EPSS
Exploits: 0 | References: 26
RedhatCVE
added 2025/05/22 5:26 a.m. | 4 views

CVE-2019-8699

A logic issue existed in the handling of answering phone calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.4. The initiator of a phone call may be able to cause the recipient to answer a simultaneous Walkie-Talkie connection...

7.5 CVSS | 5.5 AI score | 0.00322 EPSS
Exploits: 0 | References: 1
NVD
added 2025/04/07 11:15 a.m. | 7 views

CVE-2024-45552

Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn't adhere to RFC standards...

8.2 CVSS | 0.00325 EPSS
Exploits: 0 | References: 1
CVE
added 2025/02/10 3:58 p.m. | 2239 views

CVE-2025-21691

The CVE-2025-21691 entry concerns the Linux kernel cachestat syscall. The issue arose because the cachestat() addition did not include the writability/ownership permission check that mincore() had, allowing potential misuse when reading page cache stats. The connected advisories confirm a code-le...

5.5 CVSS | 6.4 AI score | 0.00018 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
CNNVD
added 2025/01/09 12:00 a.m. | 4 views

Mattermost security vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost version 10.2 and previous versions 10.x. The vulnerability stems from an inaccurate reflection of missing settings, leading to administrator confusion abou...

5.3 CVSS | 5.8 AI score | 0.00267 EPSS
Exploits: 0 | References: 2
CVE
added 2024/03/26 3:28 p.m. | 61 views

CVE-2024-29810

CVE-2024-29810 details: Affected software is the 10Web Photo Gallery WordPress plugin. The vulnerability is a reflected Cross-Site Scripting via the thumb_url parameter in the AJAX response for editimage_bwg in admin-ajax.php. The flaw allows arbitrary JavaScript to be inserted and exec...

5.4 CVSS | 5.8 AI score | 0.00084 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
OSV
added 2021/10/19 4:22 p.m. | 10 views

GSD-2021-1001529 netfilter: ipset: Fix oversized kvmalloc() calls

netfilter: ipset: Fix oversized kvmalloc calls. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.249 by commit...

7.2 AI score
Exploits: 0
securityvulns
added 2004/02/18 12:00 a.m. | 49 views

[Full-Disclosure] Second critical mremap() bug found in all Linux kernels

Synopsis: Linux kernel do_mremap VMA limit local privilege escalation vulnerability
Product: Linux kernel
Version: 2.2 up to 2.2.25, 2.4 up to 2.4.24, 2.6 up to 2.6.2
Vendor: http://www.kernel.org/
URL:...

7.2 CVSS | 5.7 AI score | 0.00118 EPSS
Exploits: 2
Exploit DB
added 2000/11/01 12:00 a.m. | 23 views

ManTrap 1.6.1 - Hidden Process Disclosure

// source: https://www.securityfocus.com/bid/1908/info
ManTrap is a "honeypot" intrusion detection system designed to lure attackers into it for analysis. The honeypot is implemented as a chroot'ed Solaris environment, designed to look and feel real to an attacker who gains access to it. To ensur...

7.4 AI score
Exploits: 0
securityvulns
added 2000/04/03 12:00 a.m. | 41 views

Hole in fcheck v.2.7.45

Calling system from a Perl script without checking the argument allows a user to gain the program's privileges by constructing a special file name...

1 AI score
Exploits: 0 | References: 1