14 matches found
Astra Linux - vulnerability in redis
Redis is an open-source, in-memory database that persists data on disk. An integer overflow bug that affects all versions of Redis can be exploited to corrupt the heap and potentially be used to leak arbitrary contents of the heap or trigger remote code execution. The vulnerability involves changi...
EUVD-2025-24258
Malicious code in bioql PyPI...
CVE-2025-8297
Incomplete restriction of configuration in Ivanti Avalanche before version 6.4.8.8008 allows a remote authenticated attacker with admin privileges to achieve remote code execution...
CVE-2025-32803
In some cases, Kea log files or lease files may be world-readable. This issue affects Kea versions 2.4.0 through 2.4.1, 2.6.0 through 2.6.2, and 2.7.0 through 2.7.8...
CVE-2018-4342
A configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS Mojave 10.14.1...
CVE-2025-20151 Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability
A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from ...
PT-2024-3325
Name of the Vulnerable Software and Affected Versions: DHCP (affected versions not specified). Description: The issue is related to a lack of authentication in the DHCP protocol, specifically with the classless static route option 121. This allows an attacker to manipulate routes and potentially...
PT-2021-5610
Name of the Vulnerable Software and Affected Versions: Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4). Description: The issue is related to the absence of additional access control elements for JNDI in the Apache Log4j2 library. This can allow a remo...
AZL-6846 CVE-2021-32628 affecting package redis for versions less than 6.2.6-1
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the ziplist data structure used by all versions of Redis can be exploited to corrupt the heap and potentially result in remote code execution. The vulnerability involves modifying the default ziplist...
Input validation
A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to improper restrictions on configuration information. An...
Cisco IOS Software Unauthorized Access Vulnerability
Cisco IOS is the interconnected Internet operating system used on most Cisco Systems routers and network switches. A security vulnerability exists in Cisco IOS 15.53M Software in Cisco CallManager Express (CME) devices that stems from a configuration restriction in the toll-fraud protections...
CVE-2017-6624
A vulnerability in Cisco IOS 15.53M Software for Cisco CallManager Express (CME) could allow an unauthenticated, remote attacker to make unauthorized phone calls. The vulnerability is due to a configuration restriction in the toll-fraud protections component of the affected software. An attacker...
Cisco CallManager Express Unauthorized Access Vulnerability
A vulnerability in Cisco IOS Software for Cisco CallManager Express (CME) could allow an unauthenticated, remote attacker to make unauthorized phone calls. The vulnerability is due to a configuration restriction in the toll-fraud protections component of the affected software. An attacker could...
CVE-2013-7330
Jenkins before 1.502 allows remote authenticated users to configure an otherwise restricted project via vectors related to post-build actions...