2456890 matches found
GNUnet P2P Framework 0.26.2
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP IPv4 and IPv6, TCP IPv4 and IPv6, HTTP, o...
CVE-2026-59249
Inconsistent interpretation of HTTP requests HTTP response smuggling vulnerability in elixir-mint mint allows a malicious HTTP/1 server to desynchronize a strict intermediary and the Mint client on the same pooled connection, enabling response-queue poisoning against subsequent requests that shar...
CVE-2026-35146
HCL DFXServer is affected by an Unencrypted Communication vulnerability. The application permits users to establish connections over unencrypted channels via the HTTP protocol, which could allow a remote attacker to intercept network traffic and expose sensitive data transmitted between the user...
The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.
The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the inclusion of functions from an unverified and uncontrolled area. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.
The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Directum HR Pro system, which exists due to insufficient verification of input data, allows a perpetrator to disclose protected information.
The vulnerability of the Directum HR Pro system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to disclose protected information by sending a specially crafted POST request...
Decepticon-NavMAX
!Englishhttps://img.shields.io/badge/Language-English-blue?s...
WordPress Planyo online reservation system plugin <= 3.0 - Unauthenticated Server-Side Request Forgery vulnerability
Unauthenticated Server-Side Request Forgery vulnerability discovered by chaeyp, Ronnachai Sretawat Na Ayutaya Simonhaskelly, Ronnachai Chaipha rxnr in WordPress Plugin Planyo online reservation system versions = 3.0...
CVE-2026-59249 Sign-tolerant HTTP/1 chunk-size parser in Mint enables response smuggling against strict intermediaries on pooled connections
Inconsistent interpretation of HTTP requests HTTP response smuggling vulnerability in elixir-mint mint allows a malicious HTTP/1 server to desynchronize a strict intermediary and the Mint client on the same pooled connection, enabling response-queue poisoning against subsequent requests that shar...
CVE-2026-59249
Inconsistent interpretation of HTTP requests HTTP response smuggling vulnerability in elixir-mint mint allows a malicious HTTP/1 server to desynchronize a strict intermediary and the Mint client on the same pooled connection, enabling response-queue poisoning against subsequent requests that shar...
New Agent Data Injection Attack Can Make AI Agents Misclick or Run Attacker Commands
Ask an AI agent to summarize the reviews on a product page, and a single planted review can make it click "Buy Now" instead. Ask a coding assistant to apply a maintainer's fix from a GitHub thread, and a fake comment can make it run a stranger's command on your computer. Neither trick hijacks the...
Daxin Resurfaces in Taiwan Alongside Stupig Pre-Login SYSTEM Backdoor
An advanced malware previously attributed to a China-linked threat actor has resurfaced after more than four years within a Taiwan manufacturing firm, along with a previously unreported backdoor dubbed Stupig. Daxin "srt64.sys", as the kernel-mode rootkit is referred to, was first documented by...
Exploit for SQL Injection in Apache Fineract
🛡️ CVE-2026-57821 – Apache Fineract SQL Injection ⚠️ LEG...
CVE-2026-35146 HCL DFXServer is affected by an Unencrypted Communication vulnerability.
HCL DFXServer is affected by an Unencrypted Communication vulnerability. The application permits users to establish connections over unencrypted channels via the HTTP protocol, which could allow a remote attacker to intercept network traffic and expose sensitive data transmitted between the user...
CVE-2026-35146
HCL DFXServer is affected by an Unencrypted Communication vulnerability. The application permits users to establish connections over unencrypted channels via the HTTP protocol, which could allow a remote attacker to intercept network traffic and expose sensitive data transmitted between the user...
K000162297: Micrometer vulnerability CVE-2026-40984
Security Advisory Description In Micrometer, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Affected versions: micrometer-core 1.16.0 through 1.16.5; 1.15.0 through 1.15.11; 1.14.0 through 1.14.15; 1.13.0 through 1.13.18; 1.9...
Security Bulletin: The IBM Common Licensing using IBM® SDK, Java™ Technology Edition affected by multiple vulnerabilities
Summary This bulletin for IBM SDK, Java Technology Edition covers all applicable Java SE CVEs published by Oracle as part of their April 2026 Critical Patch Update. For more information please refer to Oracle's April 2026 CPU Advisory and the CVE links referenced below. IBM Common Licensing is...
Security Bulletin: The IBM Common Licensing IBM WebSphere Application Server Liberty could provide weaker than expected security
Summary IBM WebSphere Application Server Liberty could provide weaker than expected security administering security settings when the appSecurity-1.0, appSecurity-2.0, appSecurity-3.0, appSecurity-4.0 or appSecurity-5.0 feature is enabled. Vulnerability Details Refer to the security bulletins...
RHSA-2026:39808 Red Hat Security Advisory: Red Hat OpenStack Services on OpenShift 18.0 (openstack-keystone) security update
Bulletin has no description...
Security Bulletin: The IBM Common Licensing using IBM WebSphere Application Server Liberty is affected by a privilege escalation vulnerability
Summary IBM WebSphere Application Server Liberty is affected by a privilege escalation vulnerability with the restConnector-1.0 or restConnector-2.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affect...