265 matches found
CVE-2025-40604
Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution...
CVE-2025-40604
Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution...
CVE-2025-40604
Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution...
PT-2025-47567
Name of the Vulnerable Software and Affected Versions SonicWall Email Security Appliance affected versions not specified Description The SonicWall Email Security appliance downloads root filesystem images without verifying signatures. This allows attackers with VMDK or datastore access to modify...
EUVD-2025-50833
SpiceDB WriteRelationships fails silently if payload is too big...
CVE-2025-64529
A vulnerability has been identified in the WriteRelationships API of SpiceDB, where large relationship-update requests can be silently dropped when the payload exceeds what the underlying datastore permits. This occurs because the server does not always return an error when processing oversized...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the WriteRelationships function when the exclusion operator is used in the authorization schema and the server is configured with --write-relationships-max-updates-per-call greater...
CVE-2025-64529 SpiceDB's WriteRelationships fails silently if payload is too big
SpiceDB is an open source database system for creating and managing security-critical application permissions. In versions prior to 1.45.2, users who use the exclusion operator somewhere in their authorization schema; have configured their SpiceDB server such that...
EUVD-2021-18871
Malware in sbrugna...
EUVD-2017-1550
Malware in sbrugna...
EUVD-2008-4264
Malware in sbrugna...
EUVD-2018-7467
Malware in sbrugna...
EUVD-2016-0717
Malware in sbrugna...
Moderate: Red Hat Security Advisory: Red Hat Data Grid 8.5.4 security update
An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
PT-2025-26262 · Maven · Org.Geotools:Gt-Wfs-Ng +1
Summary GeoTools Schema class use of Eclipse XSD library to represent schema data structure is vulnerable to XML External Entity XXE exploit. Impact This impacts whoever exposes XML processing with gt-xsd-core involved in parsing, when the documents carry a reference to an external XML schema. Th...
CVE-2024-23640
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.3 and 2.24.0 that enables an authenticated administrator with workspace-level privileges to store a...
CVE-2023-46255
SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Prior to version 1.27.0-rc1, when the provided datastore URI is malformed e.g. by having a password which contains : the full URI including the provided password is...
CVE-2023-25157
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language CQL as part of the Web Feature Service WFS and Web Map Service WMS protocols. CQL is...
Important: Red Hat Security Advisory: Red Hat Data Grid 8.5.2 security update
An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Cross Site Scripting (XSS)
ckan is vulnerable to Cross Site Scripting XSS. The vulnerability is caused due to the Datatables view plugin did not properly escape record data coming from the DataStore. This can lead to compromising confidentiality of the system...