EUVD-2026-31232

Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack...

PT-2026-42421

Name of the Vulnerable Software and Affected Versions Netatalk versions 2.0.0 through 4.4.2 Description An off-by-two error in the lp write function within papd allows an adjacent network attacker to modify limited data or cause a minor service disruption by sending crafted print data...

CVE-2026-42285

GoBGP is an open source Border Gateway Protocol BGP implementation in the Go Programming Language. In version 4.4.0, an unauthenticated remote BGP peer can trigger a fatal panic in GoBGP by sending a specially crafted BGP UPDATE message. When the server receives a message with inconsistent...

CVE-2026-42285

GoBGP is an open source Border Gateway Protocol BGP implementation in the Go Programming Language. In version 4.4.0, an unauthenticated remote BGP peer can trigger a fatal panic in GoBGP by sending a specially crafted BGP UPDATE message. When the server receives a message with inconsistent...

Astra Linux – Vulnerability in libpgjava

pgjdbc is an open-source PostgreSQL JDBC Driver. In affected versions, a prepared statement using either PreparedStatement.setTextint, InputStream or PreparedStatemet.setByteaint, InputStream will create a temporary file if the InputStream exceeds 2 kilobytes in size. This temporary file can be...

WordPress Community by PeepSo plugin <= 6.4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Tieu Pham Trong Nhan - TechlabCorp in WordPress Plugin Community by PeepSo versions = 6.4.5.0...

CVE-2025-70982

Incorrect access control in the importUser function of SpringBlade v4.5.0 allows attackers with low-level privileges to arbitrarily import sensitive user data...

CVE-2022-45008

creationtimestamp| type| source ---|---|--- 2025-04-23 14:05:11+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13034...

ETIC Telecom Remote Access Server 安全漏洞

ETIC Telecom Remote Access Server is a remote maintenance solution from the French company ETIC Telecom. It is designed to enable manufacturers to maintain automated equipment remotely. A security vulnerability exists in ETIC Telecom Remote Access Server versions prior to 4.5.0, which stems from...

WordPress plugin GEO my WordPress 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CBOR Security Breach

CBOR is a C implementation of the Concise Binary Object Representation by the individual developer Peter Occil. A security vulnerability exists in CBOR versions 4.0.0 through 4.5.0, which stems from the use of an inefficient algorithm that makes it susceptible to denial-of-service attacks when...

CVE-2023-47464

Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote attacker to execute arbitrary code via the upload API function...

CVE-2023-47463

Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote attacker to execute arbitrary code via a crafted script to the glnassys authentication function...

libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.

...

Ibm Sterling Order Management 跨站脚本漏洞

IBM Sterling Order Management is an order management system that allows companies to seamlessly synchronize and manage the entire lifecycle of orders.A cross-site scripting vulnerability exists in IBM Sterling Order Management versions 9.4, 9.5, and 10.0. An attacker could exploit the vulnerabili...

The vulnerability of the Easy Virtual Switching System (VSS) software, developed by Cisco IOS XE, affects Cisco Catalyst 4500 and Cisco Catalyst 4500-X network devices. This vulnerability allows a attacker to execute arbitrary code or cause a service failure.

The vulnerability of the Easy Virtual Switching System VSS microprogramming software for Cisco IOS XE network devices from the Cisco Catalyst 4500 series and Cisco Catalyst 4500-X series is caused by a buffer overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code or...

Adobe Digital Editions Denial of Service Vulnerability

Adobe Digital Editions DE is a set of e-book reading and management software of the United States Ordoby Adobe. Through the software can open, read and manage PDF, XML, Flash files. Adobe DE 4.5.0 and previous versions of security vulnerabilities exist. An attacker could exploit this vulnerabilit...