22 matches found
Mattermost Security Vulnerability
Mattermost is an open-source collaboration platform developed by the American company Mattermost. Mattermost versions 11.5.1 and earlier in the 11.5.x series, and 10.11.13 and earlier in the 10.11.x series, have security vulnerabilities. These vulnerabilities stem from the lack of mandatory...
Lightspeed Classroom Security Vulnerability
Lightspeed Classroom is a teaching management platform developed by Lightspeed in the United States, used for classroom device management and student behavior monitoring. Version 5.1.2.1763770643 of Lightspeed Classroom contains a security vulnerability. This vulnerability stems from a client...
CVE-2025-67603 Lack of client authorization allows arbitrary users to influence the firewall configuration
An Improper Authorization vulnerability in Foomuuri allows arbitrary users to influence the firewall configuration. This issue affects Foomuuri: from ? before 0.31...
Microsoft Windows SMB Client Authorization Issues Vulnerability
Microsoft Windows SMB Client is an SMB client application from Microsoft. Microsoft Windows SMB Client has a security vulnerability that can be exploited by attackers to tamper with information...
EUVD-2021-2044
Malware in sbrugna...
EUVD-2025-23914
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-23538
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - github.com/sylabs/scs-library-client is the Go client for the Singularity Container Services (SCS) Container Library Service. When the scs-library-client is used ...
CVE-2024-12369 Elytron-oidc-client: oidc authorization code injection
A vulnerability was found in OIDC-Client. When using the RH SSO OIDC adapter with EAP 7.x or when using the elytron-oidc-client subsystem with EAP 8.x, authorization code injection attacks can occur, allowing an attacker to inject a stolen authorization code into the attacker's own session with t...
Softvelum Nimble Commander Security Vulnerability
Softvelum Nimble Commander is a media server software from Softvelum Inc. It is used to stream live and on-demand video and audio to desktop computers, mobile devices, Internet-connected TVs, and more. A security vulnerability exists in Softvelum Nimble Commander that originates from incorrect or...
SUSE: Security Advisory (SUSE-SU-2022:4222-1)
The remote host is missing an update for the...
SUSE-SU-2022:4222-1 Security update for erlang
This update for erlang fixes the following issues: - CVE-2022-37026: fixed a client authorization bypass vulnerability for SSL, TLS, and DTLS in Erlang/OTP (bsc#1205318)...
SUSE-SU-2022:4215-1 Security update for erlang
This update for erlang fixes the following issues: - CVE-2022-37026: fixed a client authorization bypass vulnerability for SSL, TLS, and DTLS in Erlang/OTP (bsc#1205318)...
CVE-2022-31091 Change in port should be considered a change in origin in Guzzle
Guzzle is an extensible PHP HTTP client. Authorization and Cookie headers on requests are sensitive information. In affected versions on making a request which responds with a redirect to a URI with a different port, if we choose to follow it, we should remove the Authorization and Cookie headers...
CVE-2019-11899
An unauthenticated attacker can achieve unauthorized access to sensitive data by exploiting Windows SMB protocol on a client installation. With Bosch Access Professional Edition (APE) 3.8, client installations need to be authorized by the APE administrator...
squid -- TLS/SSL parser denial of service vulnerability
Amos Jeffries, release manager of the Squid-3 series, reports: Vulnerable versions are 3.5.0.1 to 3.5.8 inclusive, which are built with OpenSSL and configured for "SSL-Bump" decryption. Integer overflows can lead to invalid pointer math reading from random memory on some CPU architectures. In the...
Gentoo Security Advisory GLSA 201001-05 (net-snmp)
The remote host is missing updates announced in advisory GLSA 201001-05...
SuSE9 Security Update : net-snmp (YOU Patch Number 12441)
With this update of net-snmp, the handling of TCP wrappers rules for client authorization was improved; prior to this update it was possible for remote attackers to bypass intended access restrictions and execute SNMP queries (CVE-2008-6123). Additionally, binding to multiple interfaces was improved...
openSUSE Security Update : libsnmp15 (libsnmp15-879)
With this update of net-snmp, the handling of TCP wrappers rules for client authorization was improved; prior to this update it was possible for remote attackers to bypass intended access restrictions and execute SNMP queries (CVE-2008-6123). Additionally, binding to multiple interfaces was improved...
Design/Logic Flaw
The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to...
CVE-2008-6123
The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to...