23 matches found
CVE-2026-33054
Mesop is a Python-based UI framework that allows users to build web applications. Versions 1.2.2 and below contain a Path Traversal vulnerability that allows any user supplying an untrusted statetoken through the UI stream payload to arbitrarily target files on the disk under the standard...
CVE-2026-33054
CVE-2026-33054 affects the Mesop Python UI framework (versions ≤ 1.2.2) and enables a Path Traversal via the UI stream payload when FileStateSessionBackend is used. An untrusted state_token can target arbitrary files on disk, causing denial of service (crash loops) or unauthorized file writes/del...
EUVD-2020-26903
Malware in sbrugna...
grub2 安全漏洞
grub2 is a Linux system boot program from the American GNU community. A security vulnerability exists in grub2 that originates from allowing an attacker with access to the grub shell to access files on an encrypted disk...
Failed to collect disk files location data. Timeout exceeded.
Challenge A Backup from Storage Snapshot BfSS job in Veeam Backup & Replication VBR for a vSphere virtual machine VM fails with the error: Failed to collect disk files location data. Timeout exceeded. Cause This error is displayed when the disk file location collection task, Map Disk Region, with...
Microsoft Windows Start Menu Software Version Enumeration
Binary data wmienumstartmenusoftwareversions.nbin...
BIT-GOLANG-2022-41725 Excessive resource consumption in mime/multipart
A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package with the Request...
Little Crumbs Can Lead To Giants
This week is the Virus Bulletin Conference in London. Part of the conference is the Cyber Threat Alliance summit, where CTA members like Rapid7 showcase their research into all kinds of cyber threats and techniques. Traditionally, when we investigate a campaign, the focus is mostly on the code of...
[SECURITY] Fedora 38 Update: amanda-3.5.4-3.fc38
AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup system that allows the administrator of a LAN to set up a single master backup server to back up multiple hosts to one or more tape drives or disk files. AMANDA uses native dump and/or GNU tar facilities and can back up a...
Microsoft Windows Installed Software Version Enumeration
This plugin enumerates the installed software version by interrogating information obtained from various registry entries and files on disk. This plugin provides a best guess at the software version and a confidence level for that version. Note that the versions detected here do not necessarily...
EulerOS 2.0 SP11 : golang (EulerOS-SA-2023-2292)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a...
EulerOS 2.0 SP9 : golang (EulerOS-SA-2023-1869)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-1822)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : golang (EulerOS-SA-2023-1822)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a...
[SECURITY] Fedora 37 Update: amanda-3.5.3-1.fc37
AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup system that allows the administrator of a LAN to set up a single master backup server to back up multiple hosts to one or more tape drives or disk files. AMANDA uses native dump and/or GNU tar facilities and can back up a...
CVE-2022-41725
A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package with the Request...
CVE-2022-41725
A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package with the Request...
Design/Logic Flaw
A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package with the Request...
CVE-2022-41725
A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package with the Request...
GO-2023-1569 Excessive resource consumption in mime/multipart
A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package with the Request...