76 matches found
CVE-2026-46739
Net::Statsd versions before 0.13 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. The updatestats used for updating counters and gauge methods do not check that values...
CVE-2026-46741
Etsy::StatsD versions through 1.002002 for Perl allow metric injections. The metric names and values are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that the git repository contains an unreleased version with the...
CVE-2026-46741 Etsy::StatsD versions through 1.002002 for Perl allow metric injections
Etsy::StatsD versions through 1.002002 for Perl allow metric injections. The metric names and values are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that the git repository contains an unreleased version with the...
EUVD-2026-34296
Etsy::StatsD versions through 1.002002 for Perl allow metric injections. The metric names and values are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that the git repository contains an unreleased version with the...
CVE-2026-46741
Etsy::StatsD for Perl (versions up to 1.002002) is affected by metric injection due to unvalidated metric names and values containing newlines, colons, or pipes. The issue can allow an attacker to inject additional statsd metrics when metrics are generated from untrusted sources, with the Git rep...
CVE-2026-46739
Net::Statsd for Perl with versions prior to 0.13 is vulnerable to metric injections. The flaw arises because metric names aren’t checked for newlines, colons, or pipes, allowing untrusted-sourced metrics to inject additional statsd metrics. Additionally, update_stats and gauge do not validate tha...
EUVD-2026-34295
Net::Statsd versions before 0.13 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. The updatestats used for updating counters and gauge methods do not check that values...
PT-2026-46265
Etsy::StatsD versions through 1.002002 for Perl allow metric injections. The metric names and values are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that the git repository contains an unreleased version with the...
PT-2026-46264
Net::Statsd versions before 0.13 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. The update stats used for updating counters and gauge methods do not check that value...
CISA: CISA and Partners Urge Hardening Automatic Tank Gauge Systems
The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, the National Security Agency NSA, the Department of Energy DOE, the Environmental Protection Agency EPA, the Transportation Security Administration TSA, the Department of Transportation DOT, and th...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: axp288fuelgauge: Fixed the race condition related to externalpowerchanged. The function fuelgaugeexternalpowerchanged dereferes the variable info-bat, which is then set in the function axp288fuelgaugeprobe. This process looks lik...
CVE-2025-69298
Missing Authorization vulnerability in GhostPool Gauge gauge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gauge: from n/a through = 6.56.4...
CVE-2025-69298
Missing Authorization vulnerability in GhostPool Gauge gauge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gauge: from n/a through = 6.56.4...
CVE-2025-69298 WordPress Gauge theme <= 6.56.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in GhostPool Gauge gauge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gauge: from n/a through = 6.56.4...
CVE-2025-69298 WordPress Gauge theme <= 6.56.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in GhostPool Gauge gauge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gauge: from n/a through = 6.56.4...
CVE-2025-69298
CVE-2025-69298 : WordPress Gauge theme
WordPress plugin Gauge 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-21126
Name of the Vulnerable Software and Affected Versions GhostPool Gauge versions through 6.56.4 Description A missing authorization flaw exists in the GhostPool Gauge gauge, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update GhostPool Gauge to...
WordPress Gauge theme <= 6.56.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Gauge versions = 6.56.4...
CVE-2025-58428
CVE-2025-58428 affects Veeder-Root TLS4B ATG system. The vulnerability stems from the SOAP-based interface being accessible through the web services handler, which enables remote attackers with valid credentials to execute system-level commands on the underlying Linux system. Reported impact incl...