15 matches found
EUVD-2008-2296
Malware in sbrugna...
EUVD-2022-42711
Malicious code in bioql PyPI...
EUVD-2022-42712
Malicious code in bioql PyPI...
CVE-2025-40838
Ericsson Indoor Connect 8855 contains a vulnerability where server-side security can be bypassed in the client which if exploited can lead to unauthorized disclosure of certain information...
PT-2025-39402
Name of the Vulnerable Software and Affected Versions Ericsson Indoor Connect 8855 affected versions not specified Description The Ericsson Indoor Connect 8855 has a security issue where client-side server-side security checks can be bypassed. Successful exploitation of this issue could result in...
CVE-2025-46408
An issue was discovered in the methods push.lite.avtech.com.AvtechLib.GetHttpsResponse and push.lite.avtech.com.PushHttpService.getNewHttpClient in AVTECH EagleEyes 2.0.0. The methods set ALLOWALLHOSTNAMEVERIFIER, bypassing domain validation...
EulerOS 2.0 SP12 : httpd (EulerOS-SA-2025-2010)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In some modssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacke...
xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer overflow in X Record extension
A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks...
CVE-2025-49179
A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks...
CVE-2025-49179
A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks...
CVE-2025-49179
A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks. Mitigation Mitigation for this issue is either not available or the currently available...
CVE-2019-17507
An issue was discovered on D-Link DIR-816 A1 1.06 devices. An attacker could access management pages of the router via a client that ignores the 'top.location.href = "/dirlogin.asp"' line in a .asp file. This provides access to dstatus.asp, version.asp, ddhcptbl.asp, and dacl.asp...
CVE-2022-3321 Lock WARP switch feature bypass on WARP mobile client for iOS
It was possible to bypass Lock WARP switch feature https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/lock-warp-switch on the WARP iOS mobile client by enabling both "Disable for cellular networks" and "Disable for Wi-Fi networks" switches at once in...
CVE-2018-17791
Newgen OmniFlow Intelligent Business Process Suite iBPS 7.0 has an "improper server side validation" vulnerability where client-side validations are tampered, and inappropriate information is stored on the server side and fetched from the server every time the user visits the D, creating business...
CVE-2019-0215
In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in modssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions...