EUVD-2017-18646
Malware in sbrugna...
EUVD-2002-2224
Malware in sbrugna...
EUVD-2010-5307
Malware in sbrugna...
EUVD-2012-5500
Malware in sbrugna...
EUVD-2023-36514
Malicious code in bioql PyPI...
EUVD-2022-0003
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-42969
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with...
CVE-2025-53019 ImageMagick has Memory Leak in magick stream
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's magick stream command, specifying multiple consecutive %d format specifiers in a filename template causes a memory leak. Versions 7.1.2-0 and...
TencentOS Server 4: postgresql (TSSA-2024:0559)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0559 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
CVE-2021-32684
magento-scripts contains scripts and configuration used by Create Magento App, a zero-configuration tool-chain which allows one to deploy Magento 2. In versions 1.5.1 and 1.5.2, after the function was changed from synchronous to asynchronous, no handler was implemented in the start, stop, exec,...
CVE-2012-2632
SEIL routers with firmware SEIL/x86 1.00 through 2.35, SEIL/X1 2.30 through 3.75, SEIL/X2 2.30 through 3.75, and SEIL/B1 2.30 through 3.75, when the http-proxy and application-gateway features are enabled, do not properly handle the CONNECT command, which allows remote attackers to bypass intende...
CVE-2002-2245
ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session...
PT-2025-22168 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A race condition exists between io_uring_cmd_complete_in_task and ublk_cancel_cmd in the Linux kernel. The ublk_cancel_cmd function calls io_uring_cmd_done to complete the uring_cmd, b...
PT-2025-18907 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version. Description: The issue is related to an off-by-one fsmap error on 1k block filesystems in the Linux kernel. It occurs when the ioctl function is called with the FS_IOC_GETFSMAP command, and the...
CVE-2021-26616
An OS command injection was found in SecuwaySSL, when special characters injection on execute command with runCommand arguments...
CVE-2024-47880
OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the export-rows command can be used in such a way that it reflects part of the request verbatim, with a Content-Type header also taken from the request. An attacker could lead a user to a malicious page th...
CVE-2023-33034 Signed-to-unsigned conversion error in Audio
Memory corruption while parsing the ADSP response command...
PT-2023-36317 · Trove · Trove
Name of the Vulnerable Software and Affected Versions: Trove (affected versions not specified). Description: The issue is related to the incorrect handling of arguments to the backup command by Trove. A remote attacker could possibly use this issue to execute arbitrary code. Recommendations: At the...
SUSE CVE-2022-42969
The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been disputed by multiple third parties as not bein...
MGASA-2022-0294 Updated nodejs packages fix security vulnerability
The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json. This behavior is inconsistent with the documentation, and makes it easier for attackers to install malware that was supposed to have bee...