SUSE-SU-2026:2010-1 Security update for erlang26
This update for erlang26 fixes the following issues Security issues: - CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. - CVE-2026-23941: HTTP Request Smuggling in Erlang OTP bsc1259687. - CVE-2026-23942: path traversal vulnerability in Erlang OTP bsc125968...
Security update for erlang
This update for erlang fixes the following issues: CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. CVE-2026-23941: HTTP Request Smuggling in Erlang OTP bsc1259687. CVE-2026-23942: path traversal vulnerability in Erlang OTP bsc1259681. CVE-2026-23943: denia...
Linux Distros Unpatched Vulnerability : CVE-2026-28808
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect Authorization vulnerability in Erlang OTP inets modules allows unauthenticated access to CGI scripts protected by directory rules when served via...
CVE-2026-28808 ScriptAlias CGI targets bypass directory auth in inets httpd (mod_auth vs mod_cgi path mismatch)
Incorrect Authorization vulnerability in Erlang OTP inets modules allows unauthenticated access to CGI scripts protected by directory rules when served via scriptalias. When scriptalias maps a URL prefix to a directory outside DocumentRoot, mod_auth evaluates directory-based access controls agains...
EUVD-2023-37439
Malicious code in bioql PyPI...
VulnCheck KEV: CVE-2021-28150
Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf with the administrator password and other sensitive data via /backup2.cgi...
PT-2021-13864 · Privoxy +4
Name of the Vulnerable Software and Affected Versions: privoxy versions prior to 3.0.32 Description: A flaw was found in the software, allowing an assertion failure to be triggered with a crafted CGI request, leading to a server crash. This issue can be exploited by attackers to cause a denial of...
iBall ADSL2+ Home Router - Authentication Bypass
iBall ADSL2+ Home Router - Authentication Bypass Exploit Title: iBall ADSL2+ Home Router Authentication Bypass Vulnerability CVE: CVE-2017-14244 Date: 15-09-2017 Exploit Author: Gem George Author Contact: https://www.linkedin.com/in/gemgrge Vulnerable Product: iBall ADSL2+ Home Router WRA150N...
FEI news router K1 information disclosure vulnerability
Reference source: FEI news mainstream router K1 loopholes and collect user information. FEI news PSG1208K1 is a home router product promoted by Fibonacci Telecommunications Company; by analysing the router firmware we found a lot of problems. First, we use a firmware analysi...
WIMAX Modem Multiple Vulnerabilities (Dec 2015) - Active Check
WIMAX Modem is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
formmail 1.92 Multiple Vulnerabilities
No description provided by source. FormMail 1.92 Multiple Vulnerabilities Name Multiple Vulnerabilities in FormMail Systems Affected FormMail 1.92 and possibly earlier versions Severity Medium Impact CVSSv2 Medium 4.3/10, vector: AV:N/AC:M/Au:N/C:P/I:N/A:N Vendor...
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Endpoint Devices
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Endpoint Devices Advisory ID: cisco-sa-20110223-telepresence-cts Revision 1.0 For Public Release 2011 February 23 1600...
PT-2008-6327 · Apple · Cups
Name of the Vulnerable Software and Affected Versions: CUPS versions prior to 1.3.8 Description: The issue allows remote attackers to bypass intended policy and conduct CSRF attacks via the add and cancel RSS subscription functions in the web interface. This occurs because the web interface uses...
CVE-2008-4663
Cross-site scripting (XSS) vulnerability in analysis.cgi 1.44, as used in K's CGI Access Log Kaiseki (1) jcode.pl and (2) Jcode.pm, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting (XSS) vulnerability in analysis.cgi 1.44, as used in K's CGI Access Log Kaiseki (1) jcode.pl and (2) Jcode.pm, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2008-4663
CVE-2008-4663 is an XSS in K's CGI Access Log Kaiseki components: analysis.cgi (Ver. 1.44 and earlier) with jcode.pl and Jcode.pm. The vulnerability allows remote attackers to execute arbitrary script/HTML in a victim's browser via unspecified vectors. Refactors in connected sources confirm the v...
Savant original form CGI access
A security vulnerability in the Savant web server allows attackers to download the original form of CGIs (unprocessed). This would allow them to see any sensitive information stored inside those CGIs. SPDX-FileCopyrightText: 2001 SecuriTeam Some text descriptions might be excerpted from a referenced...
CVE-2002-0599
Blahz-DNS 0.2 and earlier allows remote attackers to bypass authentication and modify configuration by directly requesting CGI programs such as dostuff.php instead of going through the login screen...
CVE-2001-0791
Trend Micro InterScan VirusWall for Windows NT allows remote attackers to make configuration changes by directly calling certain CGI programs, which do not restrict access...