203 matches found
Unity Linux 20.1060e / 20.1070e Security Update: aspell (UTSA-2026-017600)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017600 advisory. libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the...
SUSE CVE-2026-4046
The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and...
CVE-2026-25581
SCEditor is a lightweight WYSIWYG BBCode and XHTML editor. Prior to 3.2.1, if an attacker has the ability control configuration options passed to sceditor.create, like emoticons, charset, etc. then it's possible for them to trigger an XSS attack due to lack of sanitisation of configuration option...
PT-2026-6845
If an attacker has the ability control configuration options passed to sceditor.create, like emoticons, charset, etc. then it's possible for them to trigger an XSS attack due to lack of sanitisation of configuration options. Proof of concept: js sceditor.createtextarea, emoticons: dropdown: ':':...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003478)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003478 advisory. Race condition in the auditlogsingleexecvearg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set...
CVE-2020-10113
cPanel before 84.0.20 allows self XSS via a temporary character-set specification SEC-515...
TencentOS Server 4: xterm (TSSA-2025:0133)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0133 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
FreeBSD : ISC KEA -- Invalid characters cause assert (55c4e822-b4e4-11f0-8438-001b217e4ee5)
"The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 55c4e822-b4e4-11f0-8438-001b217e4ee5 advisory. Internet Systems Consortium, Inc. reports: To trigger the issue, three configuration parameters must...
CVE-2025-11232
Kea DHCP (ISC) vulnerability CVE-2025-11232 affects Kea 3.0.1 and 3.1.1–3.1.2. The root cause is an assertion triggered by three specific default config values: hostname-char-set uses the default [^A-Za-z0-9.-], hostname-char-replacement is empty, and ddns-qualifying-suffix is non-empty. When a c...
ISC KEA -- Invalid characters cause assert
Internet Systems Consortium, Inc. reports: To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "^A-Za-z0-9.-"; "hostname-char-replacement" must be empty the default; and "ddns-qualifying-suffix" must N...
PT-2025-44333
Name of the Vulnerable Software and Affected Versions Kea versions 3.0.1 through 3.0.1 Kea versions 3.1.1 through 3.1.2 Description The software can exit unexpectedly when receiving certain option content from a client if three configuration parameters are set to specific values. Specifically, th...
EUVD-2008-2662
Malware in sbrugna...
EUVD-2020-2576
Malware in sbrugna...
EUVD-2014-3498
Malware in sbrugna...
EUVD-2018-3367
Malware in sbrugna...
EUVD-2008-3187
Malware in sbrugna...
EUVD-2007-1112
Malware in sbrugna...
EUVD-2012-4151
Malware in sbrugna...
EUVD-2016-7070
Malware in sbrugna...
EUVD-2015-8491
Malware in sbrugna...