21 matches found
UBUNTU-CVE-2026-46185
In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in symlink_data() Since smb2_check_message() returns success without length validation for the symlink error response, in symlink_data() it is possible for iov->iov_len to be smaller than sizeof(struct...
Helm Security Vulnerability
Helm is a Kubernetes package manager from the CNCF Foundation. A security vulnerability exists in Helm versions prior to 3.18.5, which stems from improper validation of type errors and could cause the program to crash...
CVE-2025-1735 pgsql extension does not check for errors during escaping
In PHP versions: 8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* pgsql and pdo_pgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid...
Cisco IOS XR Software Dedicated XML Agent TCP DoS (cisco-sa-iosxr-xml-tcpdos-ZEXvrU2S)
According to its self-reported version, Cisco IOS XR is affected by a vulnerability. - A vulnerability in the Dedicated XML Agent feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on XML TCP listen port 38751. This vulnerability is d...
Cisco IOS XR Security Vulnerability
Cisco IOS XR is a set of operating systems developed by Cisco USA for its network devices. A security vulnerability exists in Cisco IOS XR that stems from a lack of proper error validation of incoming XML packets...
Citrix License Server Troubleshooting - Hub Article
Introduction This serves as a central location for common Citrix License Server troubleshooting articles authored and vetted by a group of Citrix subject matter experts in this area. Overview of the Issue Provide a brief yet comprehensive overview of the issue, outlining the common challenges and...
CVE-2024-26594
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate mech token in session setup If client send invalid mech token in session setup request, ksmbd validate and make the error if it is invalid...
kernel: powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe()
A flaw was found in the Linux kernel in arch_prepare_kprobe(), where certain error conditions are not properly validated before dereferencing a pointer. Under specific circumstances, this can result in a NULL pointer dereference in kernel space. If triggered, the kernel may generate an oops or panic,...
CVE-2024-26594
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate mech token in session setup If client send invalid mech token in session setup request, ksmbd validate and make the error if it is invalid...
CVE-2023-32308 SQL Injection Vulnerability in anuko timetracker
anuko timetracker is an open source time tracking system. Boolean-based blind SQL injection vulnerability existed in Time Tracker invoices.php in versions prior to 1.22.11.5781. This was happening because of a coding error after validating parameters in POST requests. There was no check for error...
PT-2022-6094 · Cisco · Cisco Wireless Lan Controller +1
Name of the Vulnerable Software and Affected Versions: Cisco Wireless LAN Controller (WLC) AireOS Software (affected versions not specified). Description: The issue is related to insufficient error validation in the authentication functionality of the Cisco Wireless LAN Controller, which could allow a...
Users may accidentally overpay in register() / renew() and the excess will be paid to the vault creator
Vulnerability details. Impact: Users may accidentally overpay in register() / renew() and the excess will be paid to the vault creator. Proof of Concept: 1. File: 2022-08-mimo/contracts/actions/MIMORebalance.sol line 129-132: require...
CVE-2018-7711
HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures accepted as valid by forcing an error during validation. This occurs because of a dependency on PHP...
CVE-2022-20715
A vulnerability in the remote access SSL VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to...
SRC-2022-0008 : VMware Workspace ONE Access ApplicationSetupController dbTestConnection JDBC Injection Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware Workspace ONE Access. Authentication is required to exploit this vulnerability. The specific flaw exists within ApplicationSetupController class. The issue results from...
PT-2021-7011 · Cisco · Cisco Ftd +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified), Cisco Firepower Threat Defense (FTD) Software (affected versions not specified). Description: A vulnerability in the remote access SSL VPN features could allow an...
Ubuntu: Security Advisory (USN-3785-1)
The remote host is missing an update for the...
USN-3785-1: ImageMagick vulnerabilities
Due to a large number of issues discovered in GhostScript that prevent it from being used by ImageMagick safely, this update includes a default policy change that disables support for the Postscript and PDF formats in ImageMagick. This policy can be overridden if necessary by using an alternate...
CVE-2018-7711
HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures accepted as valid by forcing an error during validation. This occurs because of a dependency on PHP...
CVE-2018-7711
HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures accepted as valid by forcing an error during validation. This occurs because of a dependency on PHP...