3947 matches found
Buffer Overflow
Overview Affected versions of this package are vulnerable to Buffer Overflow via the setcookiegeneratecallback function. An attacker can cause a buffer overflow by providing a callback that returns a cookie value greater than 256 bytes. Note: This is only exploitable if the application explicitly...
GHSA-5PWR-322W-8JR4 pyOpenSSL DTLS cookie callback buffer overflow
If a user provided callback to setcookiegeneratecallback returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL provided buffer. Cookie values that are too long are now rejected...
GHSA-VP96-HXJ8-P424 pyOpenSSL allows TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback
If a user provided callback to settlsextservernamecallback raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for any security-sensitive behavior, this could allow bypassing it. Unhandled exceptions now result in rejecting the...
Not Failing Securely ('Failing Open')
Overview Affected versions of this package are vulnerable to Not Failing Securely 'Failing Open' via the settlsextservernamecallback function. An attacker can bypass security-sensitive checks by causing an unhandled exception in the callback, which results in the connection being accepted. If a...
pyOpenSSL allows TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback
If a user provided callback to settlsextservernamecallback raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for any security-sensitive behavior, this could allow bypassing it. Unhandled exceptions now result in rejecting the...
CVE-2026-4186
A vulnerability was determined in UEditor up to 1.4.3.2. This issue affects some unknown processing of the file php/controller.php?action=uploadimage of the component JSONP Callback Handler. This manipulation of the argument callback causes cross site scripting. The attack can be initiated...
PT-2026-25778
Name of the Vulnerable Software and Affected Versions pyOpenSSL versions 0.14.0 through 25.9.9 Description pyOpenSSL is a Python wrapper around the OpenSSL library. If a user-provided callback to the set tlsext servername callback function raised an unhandled exception, a connection would be...
TencentOS Server 4: qemu (TSSA-2026:0167)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0167 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
ueditor 代码注入漏洞
Ueditor is an open-source editor developed by Ueditor. Versions of UEditor 1.4.3.2 and earlier have a code injection vulnerability. This vulnerability stems from incorrect handling of the parameter “callback” in the file php/controller.php?action=uploadimage, which may lead to cross-site scriptin...
PT-2026-25840
Name of the Vulnerable Software and Affected Versions pyOpenSSL versions 22.0.0 through 25.3.0 Description pyOpenSSL is a Python wrapper around the OpenSSL library. If a user-provided callback to the set cookie generate callback function returned a cookie value exceeding 256 bytes, pyOpenSSL woul...
CVE-2026-4186 UEditor JSONP Callback controller.php cross site scripting
A vulnerability was determined in UEditor up to 1.4.3.2. This issue affects some unknown processing of the file php/controller.php?action=uploadimage of the component JSONP Callback Handler. This manipulation of the argument callback causes cross site scripting. The attack can be initiated...
CVE-2026-4186
CVE-2026-4186 affects UEditor (up to version 1.4.3.2), specifically the JSONP Callback Handler’s php/controller.php?action=uploadimage path. Root cause is manipulation of the callback argument, enabling cross-site scripting. Impact is disclosed as a remote, user-interaction-requiring XSS with no ...
CVE-2026-4186 UEditor JSONP Callback controller.php cross site scripting
A vulnerability was determined in UEditor up to 1.4.3.2. This issue affects some unknown processing of the file php/controller.php?action=uploadimage of the component JSONP Callback Handler. This manipulation of the argument callback causes cross site scripting. The attack can be initiated...
CVE-2026-4186
A vulnerability was determined in UEditor up to 1.4.3.2. This issue affects some unknown processing of the file php/controller.php?action=uploadimage of the component JSONP Callback Handler. This manipulation of the argument callback causes cross site scripting. The attack can be initiated...
PT-2026-25560
A vulnerability was determined in UEditor up to 1.4.3.2. This issue affects some unknown processing of the file php/controller.php?action=uploadimage of the component JSONP Callback Handler. This manipulation of the argument callback causes cross site scripting. The attack can be initiated...
GHSA-44VG-5WV2-H2HG SimpleEval: Objects (including modules) can leak dangerous modules through to direct access inside the sandbox
Impact If the objects passed in as names to SimpleEval have modules or other disallowed / dangerous objects available as attrs. Additionally, dangerous functions or modules could be accessed by passing them as callbacks to other safe functions to call. Examples found by @ByamB4: Any module where...
idunno.Bluesky, idunno.AtProto and idunno.AtProto.OAuthCallback Denial of Service Vulnerability
idunno.Bluesky, idunno.AtProto and idunno.AtProto.OAuthCallback Denial of Service Vulnerability Impact The Microsoft.Bcl.Memory package, a transitive dependency of idunno.AtProto and idunno.AtProto.OAuthCallback had a Denial of Service security vulnerability, CVE-2026-26127 Patches v1.7.0 updates...
EUVD-2026-12092
LibreChat is a ChatGPT clone with additional features. From 0.8.2 to 0.8.2-rc3, The MCP Model Context Protocol OAuth callback endpoint accepts the redirect from the identity provider and stores OAuth tokens for the user who initiated the flow, without verifying that the browser hitting the redire...
LibreChat 访问控制错误漏洞
LibreChat is an open-source, free, and highly customizable unified AI dialogue platform. It allows for the aggregation and running of large models from any vendor within a single interface. Version 0.8.2 to 0.8.2-rc3 of LibreChat contains a security vulnerability related to access control. This...
Exploit for Out-of-bounds Write in Fortinet Fortiproxy
Usages: python3 ex...