15 matches found
CVE-2026-5123 osrg GoBGP bgp.go DecodeFromBytes off-by-one
A weakness has been identified in osrg GoBGP up to 4.3.0. This impacts the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go. Executing a manipulation of the argument data1 can lead to off-by-one. The attack may be launched remotely. Attacks of this nature are highly complex. The...
CVE-2026-5123 osrg GoBGP bgp.go DecodeFromBytes off-by-one
A weakness has been identified in osrg GoBGP up to 4.3.0. This impacts the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go. Executing a manipulation of the argument data1 can lead to off-by-one. The attack may be launched remotely. Attacks of this nature are highly complex. The...
CVE-2026-5123
Summary: CVE-2026-5123 affects osrg GoBGP up to version 4.3.0. It concerns the function DecodeFromBytes in pkg/packet/bgp/bgp.go, where manipulating the data[1] argument can trigger an off-by-one condition. The issue potentially allows a remote attacker, with a highly complex attack surface, to i...
ROS-20251223-7309
Vulnerability in python3.11 related to incorrect validation of a specified index, position or offset in input data. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
EUVD-2024-54910
Malicious code in bioql PyPI...
Rebuild 安全漏洞
Rebuild is a highly customizable enterprise management system from getrebuild open source. A security vulnerability exists in Rebuild version v3.7.7, which stems from a server-side request forgery in the type parameter of the com.rebuild.web.admin.rbstore.RBStoreControllerloadDataIndex method...
CVE-2024-46413
Rebuild v3.7.7 was discovered to contain a Server-Side Request Forgery SSRF via the type parameter in the com.rebuild.web.admin.rbstore.RBStoreControllerloadDataIndex method...
CVE-2024-46413
Rebuild v3.7.7 was discovered to contain a Server-Side Request Forgery SSRF via the type parameter in the com.rebuild.web.admin.rbstore.RBStoreControllerloadDataIndex method...
CVE-2024-46413
CVE-2024-46413 concerns Rebuild v3.7.7, where the SSRF vulnerability is triggered via the type parameter in the com.rebuild.web.admin.rbstore.RBStoreController#loadDataIndex function. The issue originates in the RBStoreController loadDataIndex path and exposes the system to server-side requests t...
DDoSecrets Adds 410GB of TeleMessage Breach Data to Index
DDoSecrets indexes 410GB of breached TeleMessage data, including messages and metadata, from hack tied to unsecured Signal clone used by US government officials...
alf.io 安全漏洞
alf.io is open source ticket reservation system. alfio-event A security vulnerability exists in alf.io versions prior to 2.0-M4-2304, which stems from alf.io not being properly authorized and containing an index of sensitive information...
PT-2021-21377 · Unknown · Wordpress Popup
Name of the Vulnerable Software and Affected Versions: WordPress Popups, Welcome Bar, Optins and Lead Generation Plugin – Icegram versions = 2.0.2 Description: The issue concerns the headline input, specifically at the &message data16headline variable. This input is vulnerable, potentially allowi...
A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata in the KVM API is mapped to an array index which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability.
...
CVE-2019-13489
Trape through 2019-05-08 has SQL injection via the data2 variable in core/db.py, as demonstrated by the /bs t parameter...
the elasticsearch exploit tool kit-vulnerability warning-the black bar safety net
ElasticSearch is based on Lucene to build the open source, distributed, RESTful search engine. Designed for cloud computing, it is possible to achieve real-time search, stable, reliable, fast, install easy to use. Support through HTTP using the JSON data index. ! Please do not used for illegal...