20 matches found
EUVD-2016-7217
Malware in sbrugna...
EUVD-2025-19573
Malicious code in bioql PyPI...
CVE-2025-41418
Buffer Overflow vulnerability exists in multiple versions of TB-eye network recorders and AHD recorders. The CGI process may be terminated abnormally by processing a specially crafted request...
CVE-2025-41418
Buffer Overflow vulnerability exists in multiple versions of TB-eye network recorders and AHD recorders. The CGI process may be terminated abnormally by processing a specially crafted request...
CVE-2025-41418
Buffer Overflow vulnerability exists in multiple versions of TB-eye network recorders and AHD recorders. The CGI process may be terminated abnormally by processing a specially crafted request...
CVE-2025-41418
CVE-2025-41418 is a buffer overflow in TB-eye network recorders and TB-eye AHD recorders. The CGI process may terminate abnormally when handling a specially crafted request, affecting availability (low impact). No explicit exploit details are provided in the supplied documents. Remediation exists...
CVE-2025-41418
Buffer Overflow vulnerability exists in multiple versions of TB-eye network recorders and AHD recorders. The CGI process may be terminated abnormally by processing a specially crafted request...
PT-2025-27050 · Unknown · Tb-Eye Network Recorders +1
Name of the Vulnerable Software and Affected Versions: TB-eye network recorders and AHD recorders (affected versions not specified). Description: A buffer overflow issue exists in the affected devices. The CGI process may terminate abnormally when processing a specially crafted request...
F5 Networks BIG-IP : iControl SOAP vulnerability (K000130415)
The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.4 / 15.1.8.2 / 16.1.3.4 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K000130415 advisory. - A format string vulnerability exists in iControl SOAP that allows an authenticated attacker...
Format string
A format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the attacker to cross a security boundary. Note...
CVE-2023-22374
CVE-2023-22374 affects F5 BIG-IP iControl SOAP with a format-string vulnerability that can crash the iControl SOAP CGI process or allow potentially arbitrary command execution for authenticated attackers. Affected BIG-IP branches and vulnerable versions (per K000130415): 17.x (17.0.0) fixed in 17...
F5 iControl SOAP elevation of privilege vulnerability
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. An elevation of privilege vulnerability exists in F5 iControl SOAP, which can be exploited by an authenticated attacker to...
CVE-2016-6287
The "http-client" egg always used a HTTP_PROXY environment variable to determine whether HTTP traffic should be routed via a proxy, even when running as a CGI process. Under several web servers this would mean a user-supplied "Proxy" header could allow an attacker to direct all HTTP requests throu...
CVE-2016-6287
The "http-client" egg always used a HTTP_PROXY environment variable to determine whether HTTP traffic should be routed via a proxy, even when running as a CGI process. Under several web servers this would mean a user-supplied "Proxy" header could allow an attacker to direct all HTTP requests throu...
Design/Logic Flaw
The "http-client" egg always used a HTTP_PROXY environment variable to determine whether HTTP traffic should be routed via a proxy, even when running as a CGI process. Under several web servers this would mean a user-supplied "Proxy" header could allow an attacker to direct all HTTP requests throu...
CVE-2016-6287
The "http-client" egg always used a HTTP_PROXY environment variable to determine whether HTTP traffic should be routed via a proxy, even when running as a CGI process. Under several web servers this would mean a user-supplied "Proxy" header could allow an attacker to direct all HTTP requests throu...
Apache Httpd < 2.4.25 : HTTP_PROXY environment variable "httpoxy" mitigation
HTTP_PROXY is a well-defined environment variable in a CGI process, which collided with a number of libraries which failed to avoid colliding with this CGI namespace. A mitigation is provided for the httpd CGI environment to avoid populating the "HTTP_PROXY" variable from a "Proxy:" header, which h...
Apache Httpd < 2.2.32 : HTTP_PROXY environment variable "httpoxy" mitigation
HTTP_PROXY is a well-defined environment variable in a CGI process, which collided with a number of libraries which failed to avoid colliding with this CGI namespace. A mitigation is provided for the httpd CGI environment to avoid populating the "HTTP_PROXY" variable from a "Proxy:" header, which h...
Trend Micro OfficeScan Server cgiRecvFile Buffer Overflow (CVE-2008-2437)
Trend Micro OfficeScan is a centralized virus and security scan management system. It is meant to consolidate the coordination of security scan actions and the management of Trend Micro virus scanner products installed on nodes of an enterprise network. The product is a central command centre for...
CVE-2007-6077
The session fixation protection mechanism in cgi_process.rb in Rails 1.2.4, as used in Ruby on Rails, removes the :cookie_only attribute from the DEFAULT_SESSION_OPTIONS constant, which effectively causes cookie_only to be applied only to the first instantiation of CgiRequest, which allows remote...