194 matches found
CVE-2026-11576
The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared cleanup label, but this unified cleanup path unconditionally calls fxfileclose even when the file was never successfully opened. Multiple error branches jump to t...
CVE-2026-11576
The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared cleanup label, but this unified cleanup path unconditionally calls fxfileclose even when the file was never successfully opened. Multiple error branches jump to t...
Malicious code in ecto_module (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e66c690abd94ee498cd359eb076451c0f6ea3956d8221616bbf8990d35a38c5 On npm install, the package's preinstall hook node index.js reads /flag.txt falling back to execSync'cat /flag' and transmits the captured contents i...
GHSA-GX38-8H33-PMXR free5gc UDR fail-open request handling in PolicyDataSubsToNotifySubsIdPut may allow unintended subscription updates after input errors
Summary A fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify/subsId PUT handler to continue processing requests even after request body retrieval or deserialization errors. This may allow unintended modification of existing Policy Data notificatio...
MiracleLinux 7 : tomcat-7.0.76-3.el7 (AXSA:2017-2389:05)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2389:05 advisory. A vulnerability was discovered in Tomcat's handling of pipelined requests when Sendfile was used. If sendfile processing completed quickly, it was...
EUVD-2019-3162
Malware in sbrugna...
EUVD-2020-29733
Malware in sbrugna...
EUVD-2020-5985
Malware in sbrugna...
EUVD-2025-5579
Malicious code in bioql PyPI...
EUVD-2025-5085
Malicious code in bioql PyPI...
EUVD-2024-41569
Malicious code in bioql PyPI...
EUVD-2025-10014
Malicious code in bioql PyPI...
EUVD-2022-27974
Malicious code in bioql PyPI...
EUVD-2025-19327
Malicious code in bioql PyPI...
CVE-2012-10062
A vulnerability in XAMPP, developed by Apache Friends, version 1.7.3's default WebDAV configuration allows remote authenticated attackers to upload and execute arbitrary PHP code. The WebDAV service, accessible via /webdav/, accepts HTTP PUT requests using default credentials. This permits...
Exploit for Deserialization of Untrusted Data in Apache Tomcat
🚨 CVE-2025-24813 – Apache Tomcat PUT JSP RCE Exploit !CVEh...
Exploit for Deserialization of Untrusted Data in Apache Tomcat
CVE-2025-24813 Apache Tomcat RCE PoC Description This is...
CVE-2025-6765
A vulnerability, which was classified as critical, has been found in Intelbras InControl 2.21.60.9. This issue affects some unknown processing of the file /v1/operador/ of the component HTTP PUT Request Handler. The manipulation leads to permission issues. The attack may be initiated remotely. Th...
CVE-2025-6765
A vulnerability, which was classified as critical, has been found in Intelbras InControl 2.21.60.9. This issue affects some unknown processing of the file /v1/operador/ of the component HTTP PUT Request Handler. The manipulation leads to permission issues. The attack may be initiated remotely. Th...
CVE-2025-6765
CVE-2025-6765 affects Intelbras InControl 2.21.60.9, where the HTTP PUT Request Handler’s processing of the file at "/v1/operador/" can lead to permission issues. The vulnerability arises from how the endpoint handles PUT requests, enabling remote initiation with potential impact on permissions. ...