387 matches found
CVE-2024-1248 Role Overwriting via Silent JIT Provisioning in Multiple WSO2 Products Enables Privilege Escalation
The silent Just-In-Time JIT provisioning feature in federated authentication implementations fails to properly segregate user roles during account creation when a federated user shares a username with a local user. This allows the provisioning process to overwrite existing roles of local users wi...
CVE-2026-26422
clash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local privilege escalation...
EUVD-2026-34977
clash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local privilege escalation...
CVE-2026-26422
clash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local privilege escalation...
CVE-2026-26422
clash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local privilege escalation...
PT-2026-47167
Name of the Vulnerable Software and Affected Versions clash-verge-service-ipc versions prior to 2.3.0 Description The software contains a world-reachable IPC Inter-Process Communication endpoint, which is a mechanism that allows different processes to communicate. This configuration allows for...
Clash Verge Rev 安全漏洞
Clash Verge Rev is an open-source proxy tool developed by Clash Verge Rev. Versions prior to Clash Verge Rev 2.3.0 contained security vulnerabilities; these vulnerabilities stemmed from the existence of globally accessible IPC endpoints, which could lead to local privilege escalation...
CVE-2026-26422
clash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local privilege escalation...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: do not check the confirmed bit in brnflocalin after confirmation. When sending a broadcast packet to a tap device, which is added to a bridge, the brnflocalin function is called to confirm the conntrack. I...
EUVD-2026-27637
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapoavx2: don't return non-matching entry on expiry New test case fails unexpectedly when avx2 matching functions are used. The test first loads a ranomly generated pipapo set with 'ipv4 . port' key, i.e. nft -...
CVE-2026-43114
Summary: CVE-2026-43114 involves the Linux kernel netfilter nft_set_pipapo_avx2 path. The bug arises when AVX2 matching incorrectly masks and returns a non-matching entry on expiry after a flush, causing a clashing element report. Root-cause: too-early return in AVX2 match functions, leading to o...
Linux Distros Unpatched Vulnerability : CVE-2026-43114
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapoavx2: don't return non-matching entry on expiry New test case fails...
EUVD-2026-26189
Starman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starman incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An...
CVE-2026-3902
CVE-2026-3902 affects Django: vulnerable in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. The flaw in ASGIRequest allows a remote attacker to spoof headers by conflating hyphen and underscore variants, via an ambiguous header mapping. Exploitation status is not provided in the sourc...
CVE-2026-26267
soroban-sdk is a Rust SDK for Soroban contracts. Prior to versions 22.0.10, 23.5.2, and 25.1.1, the contractimpl macro contains a bug in how it wires up function calls. contractimpl generates code that uses MyContract::value style calls even when it's processing the trait version. This means if a...
PT-2026-20342
Name of the Vulnerable Software and Affected Versions soroban-sdk-macros versions prior to 22.0.10 soroban-sdk-macros versions prior to 23.5.2 soroban-sdk-macros versions prior to 25.1.1 Description The contractimpl macro in soroban-sdk-macros has a flaw in how it manages function calls. When...
postgresql: CREATE STATISTICS does not check for schema CREATE privilege
A vulnerability has been identified in PostgreSQL’s CREATE STATISTICS command where the database does not check that the user has the required schema CREATE privilege. A table owner user could create a statistics object in any schema, blocking other users who legitimately hold CREATE STATISTICS...
CVE-2022-26255
Clash for Windows v0.19.8 was discovered to allow arbitrary code execution via a crafted payload injected into the Proxies name column...
CVE-2020-24772
In Dreamacro Clash for Windows v0.11.4, an attacker could embed a malicious iframe in a website with a crafted URL that would launch the Clash Windows client and force it to open a remote SMB share. Windows will perform NTLM authentication when opening the SMB share and that request can be relaye...
CVE-2019-7617
When the Elastic APM agent for Python versions before 5.1.0 is run as a CGI script, there is a variable name clash flaw if a remote attacker can control the proxy header. This could result in an attacker redirecting collected APM data to a proxy of their choosing...