174 matches found
Locker 代码注入漏洞
Locker is an open-source personal data aggregation and management platform developed by The Locker Project. Versions 0.0.0, 0.0.1, and 0.1.0 of Locker contain code injection vulnerabilities. These vulnerabilities stem from incorrect operations on the authIsAwesome parameter ID in the file...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000643)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000643 advisory. Heap-based buffer overflow in the iscsiaddnotunderstoodresponse function in drivers/target/iscsi/iscsitargetparameters.c in the iSCSI target subsystem in the Linux...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001945)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001945 advisory. Heap-based buffer overflow in the iscsiaddnotunderstoodresponse function in drivers/target/iscsi/iscsitargetparameters.c in the iSCSI target subsystem in the Linux...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002030)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002030 advisory. Heap-based buffer overflow in the iscsiaddnotunderstoodresponse function in drivers/target/iscsi/iscsitargetparameters.c in the iSCSI target subsystem in the Linux...
CVE-2026-22025
CryptoLib’s memory-leak vulnerability affects the KMC client: when a non-200 HTTP response is returned, cryptography_encrypt() and cryptography_decrypt() fail to free previously allocated buffers, leaking ~467 bytes per failed request and risking memory exhaustion with repeated failures. This occ...
CVE-2019-18233
In Advantech Spectre RT Industrial Routers ERT351 5.1.3 and prior, the affected product does not neutralize special characters in the error response, allowing attackers to use a reflected XSS attack...
CVE-2023-25948
Server information leak of configuration data when an error is generated in response to a specially crafted message. See Honeywell Security Notification for recommendations on upgrading and versioning...
DEBIAN-CVE-2025-40326
In the Linux kernel, the following vulnerability has been resolved: NFSD: Define actions for the new timedeleg FATTR4 attributes NFSv4 clients won't send legitimate GETATTR requests for these new attributes because they are intended to be used only with CBGETATTR and SETATTR. But NFSD has to do...
PT-2025-48970
Name of the Vulnerable Software and Affected Versions Envoy versions 1.33.12 through 1.36.2 Description Envoy, a high-performance edge/middle/service proxy, has an issue when configured in TCP proxy mode to handle CONNECT requests. It accepts client data before issuing a 2xx response and forwards...
UBUNTU-CVE-2025-61789
Icinga DB Web provides a graphical interface for Icinga monitoring. Before 1.1.4 and 1.2.3, an authorized user with access to Icinga DB Web, can use a custom variable in a filter that is either protected by icingadb/protect/variables or hidden by icingadb/denylist/variables, to guess values...
EUVD-2019-0779
Malware in sbrugna...
EUVD-2017-0010
Malware in sbrugna...
EUVD-2016-10549
Malware in sbrugna...
EUVD-2007-4825
Malware in sbrugna...
EUVD-2012-4342
Malware in sbrugna...
EUVD-2019-8033
Malware in sbrugna...
EUVD-2011-2662
Malware in sbrugna...
EUVD-2021-14515
Malware in sbrugna...
EUVD-2020-27404
Malware in sbrugna...
EUVD-2024-37266
Malicious code in bioql PyPI...