125 matches found
CVE-2025-10457
The function responsible for handling BLE connection responses does not verify whether a response is expected—that is, whether the device has initiated a connection request. Instead, it relies solely on identifier matching...
CVE-2025-5992 Passing values outside of expected range to QColorTransferGenericFunction can cause a denial of service
Passing values outside of the expected range to QColorTransferGenericFunction can cause a denial of service; for example, this can happen when passing a specifically crafted ICC profile to QColorSpace::fromICCProfile. This issue affects Qt from 6.6.0 through 6.8.3, from 6.9.0 through 6.9.1...
Expected Behavior Violation
Overview: llama-index is an interface between LLMs and your data. Affected versions of this package are vulnerable to Expected Behavior Violation via the DocugamiReader class. An attacker can cause loss of important document content, disrupt parent-child chunk hierarchies, and lead to inaccurate AI...
Security Bulletin: AIX/VIOS is vulnerable to an expected behavior violation (CVE-2025-32728) due to OpenSSH
Summary: AIX's OpenSSH DisableForwarding directive does not adhere to the documentation (CVE-2025-32728). OpenSSH is used by AIX for remote login. Vulnerability Details: CVEID: CVE-2025-32728. DESCRIPTION: In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the...
OESA-2025-1562 mod_security security update
This software is also called Modsec; it is an open-source web application firewall. It is designed for Apache HTTP Server. ModSecurity is commonly deployed to provide protections against generic classes of vulnerabilities. The install of this package is easy and you can read the README.TXT for more...
CVE-2023-42460
Vyper is a Pythonic Smart Contract Language for the EVM. The _abi_decode function does not validate input when it is nested in an expression. Uses of _abi_decode can be constructed which allow for bounds checking to be bypassed resulting in incorrect results. This issue has not yet been fixed, but a...
UBUNTU-CVE-2024-58100
In the Linux kernel, the following vulnerability has been resolved: bpf: check changes_pkt_data property for extension programs. When processing calls to global sub-programs, verifier decides whether to invalidate all packet pointers in current state depending on the changes_pkt_data property of the...
Device Presence Anomaly Detected (Low)
It is important to know what assets exist in your network. New assets can indicate unexpected network connections, third-party connectivity, or potential threats to the network. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
OESA-2025-1290 trafficserver security update
Apache Traffic Server is an OpenSource HTTP / HTTPS / HTTP/2 / QUIC reverse, forward and transparent proxy and cache. Security Fixes: Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.8, fr...
OESA-2025-1289 trafficserver security update
Apache Traffic Server is an OpenSource HTTP / HTTPS / HTTP/2 / QUIC reverse, forward and transparent proxy and cache. Security Fixes: Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.8, fr...
CVE-2024-56202
Expected Behavior Violation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to versions 9.2.9 or 10.0.4 or newer, which fixes the issue...
UBUNTU-CVE-2024-56202
Expected Behavior Violation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to versions 9.2.9 or 10.0.4 or newer, which fixes the issue...
CVE-2024-56202
CVE-2024-56202 is a vulnerability described as an Expected Behavior Violation in Apache Traffic Server. It affects the following releases: 9.0.0–9.2.8 and 10.0.0–10.0.3. The provided data shows a CVSS v3.1 base score of 4.3 (Medium) with network attack vector, low attack complexity, and privilege...
CVE-2024-56202 Apache Traffic Server: Expect header field can unreasonably retain resource
Expected Behavior Violation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to versions 9.2.9 or 10.0.4 or newer, which fixes the issue...
PT-2025-9866 · Apache +1 · Apache Traffic Server +1
Name of the Vulnerable Software and Affected Versions: Apache Traffic Server versions 9.0.0 through 9.2.8 Apache Traffic Server versions 10.0.0 through 10.0.3 Description: The issue is an Expected Behavior Violation vulnerability in Apache Traffic Server. Users are advised to upgrade to resolve t...
CVE-2024-21475
Memory corruption when the payload received from firmware is not as per the expected protocol size...
GO-2024-3248 KubeSphere IDOR vulnerability in github.com/kubesphere/kubesphere
An Insecure Direct Object Reference (IDOR) vulnerability in KubeSphere allows low-privileged authenticated attackers to access sensitive resources without proper authorization checks. NOTE: A fix is expected in v4.1.3 in January 2025...
CVE-2024-33030
Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size...
CVE-2024-33030
Qualcomm chipsets with LPLH are affected by CVE-2024-33030. The issue is memory corruption caused by parsing IPC frequency table parameters when the input size is larger than expected. Impact is memory corruption (per the sources), with no public details on affected versions or a patch in the pro...