11 matches found
CVE-2026-24231
NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL referencing the 0.0.0.0/8 address range through a blueprint configuration file or CLI flag. A successful...
EUVD-2022-3236
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-3031
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15....
Symbolicator Code Issue Vulnerability
Symbolicator is a symbolication service for native stack traces and minidumps with symbol server support. A code issue vulnerability exists in Symbolicator versions 0.3.3 through 23.11.2: an attacker can use a specially crafted HTTP endpoint to make Symbolicator send...
PT-2023-31052 · Unknown · Symbolicator
Name of the Vulnerable Software and Affected Versions: Symbolicator versions prior to 23.11.2. Description: The issue allows an attacker to make Symbolicator send arbitrary GET HTTP requests to internal IP addresses by using a specially crafted HTTP endpoint. The response could be reflected to the...
SUSE CVE-2016-2184
The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device...
UBUNTU-CVE-2016-2186
The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor...
UBUNTU-CVE-2016-2184
The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device...
CVE-2015-4717
The filename sanitization component in ownCloud Server before 6.0.8, 7.0.x before 7.0.6, and 8.0.x before 8.0.4 does not properly handle $_GET parameters cast by PHP to an array, which allows remote attackers to cause a denial of service (infinite loop and log file consumption) via crafted endpoint...
CVE-2014-3621
The catalog url replacement in OpenStack Identity (Keystone) before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authenticated users to read sensitive configuration options via a crafted endpoint, as demonstrated by "$(admin_token)" in the publicurl endpoint field...
PT-2014-5425 · Openstack +1 · Openstack Identity +1
Name of the Vulnerable Software and Affected Versions: OpenStack Identity Keystone versions prior to 2013.2.3; OpenStack Identity Keystone versions 2014.1 prior to 2014.1.2.1. Description: The issue allows remote authenticated users to read sensitive configuration options via a crafted endpoint. Th...