RockyLinux 9 : glibc (RLSA-2026:20597)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:20597 advisory. glibc: glibc: Incorrect DNS response parsing via crafted DNS server response CVE-2026-4437 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr...

RockyLinux 10 : glibc (RLSA-2026:19061)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19061 advisory. glibc: glibc: Incorrect DNS response parsing via crafted DNS server response CVE-2026-4437 glibc: glibc: Invalid DNS hostname returned via gethostbyadd...

Linux Distros Unpatched Vulnerability : CVE-2026-4438

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2....

CVE-2020-10212

upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via the url parameter because file-extension blocking is mishandled and because it is possible for a DNS hostname to resolve to an internal IP address. For example, an SSRF attempt may succeed if a .ico filename is added to the...

EUVD-2002-2240

Malware in sbrugna...

EUVD-2000-1053

Malware in sbrugna...

EUVD-2015-1410

Malware in sbrugna...

EUVD-1999-1302

Malware in sbrugna...

EUVD-2013-7070

Malware in sbrugna...

EUVD-2006-1257

Malware in sbrugna...

EUVD-2010-1616

Malware in sbrugna...

EUVD-2022-43780

Malicious code in bioql PyPI...

CVE-2010-1590

Cross-site scripting XSS vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and earlier might allow remote attackers to inject arbitrary web script or HTML via the client's DNS hostname aka the REMOTEHOST variable, related to the CookielessGenerateFilename an...

CVE-2022-40505

Information disclosure due to buffer over-read in Modem while parsing DNS hostname...

Information disclosure

Information disclosure due to buffer over-read in Modem while parsing DNS hostname...

CVE-2022-40505 Buffer over-read in Modem

Information disclosure due to buffer over-read in Modem while parsing DNS hostname...

CVE-2022-40505 Buffer over-read in Modem

Information disclosure due to buffer over-read in Modem while parsing DNS hostname...

CVE-2022-40505

CVE-2022-40505 is described across connected sources as a buffer‑over‑read in the Modem when parsing DNS hostnames, causing information disclosure in Qualcomm chipset Modems. The affected component is the Modem/DNS hostname parsing path; the root cause is a buffer over-read. Documented impact inc...

PT-2023-13797 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to information disclosure due to a buffer over-read in the Modem while parsing DNS hostname. Recommendations: At the moment, there is no information about a newer version...

SUSE-SU-2023:0707-1 Security update for python39

This update for python39 fixes the following issues: - CVE-2023-24329: Fixed blocklists bypass via the urllib.parse component when supplying a URL that starts with blank characters bsc1208471. Update to 3.9.16: - python -m http.server no longer allows terminal control characters sent within a...