50 matches found
EUVD-2026-36719
Improper neutralization of formula elements in a CSV file vulnerability in MIA Technology Inc. Pizzy Library allows Code Injection. This issue affects Pizzy Library: from 1.0.0.26250 before 1.3.9.26250...
[SECURITY] Fedora 43 Update: rpki-client-9.8-1.fc43
The OpenBSD rpki-client is a free, easy-to-use implementation of the Resource Public Key Infrastructure RPKI for Relying Parties RP to facilitate validation of the Route Origin of a BGP announcement. The program queries the RPKI repository system, downloads and validates Route Origin Authorisatio...
SUSE CVE-2026-27830
c3p0, a JDBC Connection pooling library, is vulnerable to attack via maliciously crafted Java-serialized objects and javax.naming.Reference instances. Several c3p0 ConnectionPoolDataSource implementations have a property called userOverridesAsString which conceptually represents a Map. Prior to...
CVE-2026-27830
c3p0, a JDBC Connection pooling library, is vulnerable to attack via maliciously crafted Java-serialized objects and javax.naming.Reference instances. Several c3p0 ConnectionPoolDataSource implementations have a property called userOverridesAsString which conceptually represents a Map. Prior to...
DEBIAN-CVE-2026-27830
c3p0, a JDBC Connection pooling library, is vulnerable to attack via maliciously crafted Java-serialized objects and javax.naming.Reference instances. Several c3p0 ConnectionPoolDataSource implementations have a property called userOverridesAsString which conceptually represents a Map. Prior to...
CVE-2026-27830
c3p0, a JDBC Connection pooling library, is vulnerable to attack via maliciously crafted Java-serialized objects and javax.naming.Reference instances. Several c3p0 ConnectionPoolDataSource implementations have a property called userOverridesAsString which conceptually represents a Map. Prior to...
CVE-2026-27830 c3p0 vulnerable to Remote Code Execution via unsafe deserialization of userOverridesAsString property
c3p0, a JDBC Connection pooling library, is vulnerable to attack via maliciously crafted Java-serialized objects and javax.naming.Reference instances. Several c3p0 ConnectionPoolDataSource implementations have a property called userOverridesAsString which conceptually represents a Map. Prior to...
CVE-2026-27830
c3p0, a JDBC Connection pooling library, is vulnerable to attack via maliciously crafted Java-serialized objects and javax.naming.Reference instances. Several c3p0 ConnectionPoolDataSource implementations have a property called userOverridesAsString which conceptually represents a Map. Prior to...
CVE-2026-27830 c3p0 vulnerable to Remote Code Execution via unsafe deserialization of userOverridesAsString property
c3p0, a JDBC Connection pooling library, is vulnerable to attack via maliciously crafted Java-serialized objects and javax.naming.Reference instances. Several c3p0 ConnectionPoolDataSource implementations have a property called userOverridesAsString which conceptually represents a Map. Prior to...
CVE-2026-27830
CVE-2026-27830 affects the c3p0 JDBC connection pool. Before 0.12.0, the property userOverridesAsString was stored as a hex-encoded serialized object, enabling an attacker to reset it and trigger deserialization that could load code from a remote factoryClassLocation via embedded JNDI references....
CVE-2026-27830 c3p0 vulnerable to Remote Code Execution via unsafe deserialization of userOverridesAsString property
c3p0, a JDBC Connection pooling library, is vulnerable to attack via maliciously crafted Java-serialized objects and javax.naming.Reference instances. Several c3p0 ConnectionPoolDataSource implementations have a property called userOverridesAsString which conceptually represents a Map. Prior to...
CVE-2026-27830
c3p0, a JDBC Connection pooling library, is vulnerable to attack via maliciously crafted Java-serialized objects and javax.naming.Reference instances. Several c3p0 ConnectionPoolDataSource implementations have a property called userOverridesAsString which conceptually represents a Map. Prior to...
[SECURITY] Fedora 43 Update: rpki-client-9.7-1.fc43
The OpenBSD rpki-client is a free, easy-to-use implementation of the Resource Public Key Infrastructure RPKI for Relying Parties RP to facilitate validation of the Route Origin of a BGP announcement. The program queries the RPKI repository system, downloads and validates Route Origin Authorisatio...
EUVD-2016-1303
Malware in sbrugna...
EUVD-2018-20528
Malware in sbrugna...
EUVD-2019-5932
Malware in sbrugna...
EUVD-2020-8180
Malware in sbrugna...
EUVD-2017-2437
Malware in sbrugna...
CVE-2024-28328
CSV Injection vulnerability in the Asus RT-N12+ router allows administrator users to inject arbitrary commands or formulas in the client name parameter which can be triggered and executed in a different user session upon exporting to CSV format...
CVE-2024-28328
The connected Red Hat/NVD/Other sources confirm a CSV Injection vulnerability in ASUS RT-N12+ (B1) routers. The flaw stems from insufficient input sanitization in the client name parameter, which, when exporting data to CSV, can allow an administrator to inject commands or formulas that may execu...