Lucene search
7678 matches found

Cvelist
added 2025/02/10 12:0 a.m., 8 views

CVE-2024-42513

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when using HTTPS endpoints...

EPSS 0.00508 | Exploits: 0 | References: 1

Vulnrichment
added 2025/02/10 12:0 a.m., 5 views

CVE-2024-42513

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when using HTTPS endpoints...

AI score 5.4 | EPSS 0.00508 | Exploits: 0 | References: 1

CNNVD
added 2025/02/10 12:0 a.m., 3 views

OPC UA .NET Standard Stack Security Vulnerability

OPC UA .NET Standard Stack is an open source C++ framework from the OPC Foundation of America. NET Standard Stack is an open source C++ framework for developing and distributing OPC UA client/server applications. A security vulnerability exists in OPC UA .NET Standard Stack versions prior to...

CVSS 5.3 | AI score 6.8 | EPSS 0.00508 | Exploits: 0 | References: 3

CVE
added 2025/02/10 12:0 a.m., 48 views

CVE-2024-42513

CVE-2024-42513 affects the OPC UA .NET Standard Stack prior to 1.5.374.158, allowing an unauthorized attacker to bypass application authentication when using HTTPS endpoints. Affected component: OPC UA .NET Standard Stack. Root cause: authentication bypass due to vulnerability in the stack (exact...

CVSS 5.3 | AI score 5.3 | EPSS 0.00508 | Exploits: 0 | References: 1 | Affected Software: 1

Tenable Nessus
added 2025/02/10 12:0 a.m., 9 views

EulerOS 2.0 SP11 : curl (EulerOS-SA-2025-1132)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than...

CVSS 6.5 | AI score 6.7 | EPSS 0.0197 | Exploits: 1 | References: 2

Tenable Nessus
added 2025/02/10 12:0 a.m., 9 views

EulerOS 2.0 SP12 : curl (EulerOS-SA-2025-1186)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than...

CVSS 6.5 | AI score 6.7 | EPSS 0.0197 | Exploits: 1 | References: 2

Tenable Nessus
added 2025/02/10 12:0 a.m., 13 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bind (SUSE-SU-2025:0355-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0355-1 advisory. Update to release 9.18.33 Security Fixes: - CVE-2024-11187: Fixes CPU exhaustion caused by many...

CVSS 7.5 | AI score 7.1 | EPSS 0.15664 | Exploits: 0 | References: 7

Tenable Nessus
added 2025/02/10 12:0 a.m., 6 views

EulerOS 2.0 SP11 : curl (EulerOS-SA-2025-1151)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than...

CVSS 6.5 | AI score 6.7 | EPSS 0.0197 | Exploits: 1 | References: 2

Snyk
added 2025/02/08 10:0 p.m., 4 views

Authentication Bypass by Primary Weakness

Overview OPCFoundation.NetStandard.Opc.Ua is a package that contains the OPC UA reference implementation and is targeting the .NET Standard Library. Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness when using HTTPS endpoints with a security policy othe...

CVSS 8.3 | AI score 7.1 | EPSS 0.00508 | Exploits: 0 | References: 2

RedhatCVE
added 2025/02/06 12:50 a.m., 6 views

CVE-2022-3174

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2...

CVSS 7.5 | AI score 6.6 | EPSS 0.00541 | Exploits: 1 | References: 1

RedhatCVE
added 2025/02/06 12:49 a.m., 8 views

CVE-2022-3251

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/minarca prior to 4.2.2...

CVSS 7.5 | AI score 6.7 | EPSS 0.00494 | Exploits: 1 | References: 1

OSV
added 2025/02/05 7:51 p.m., 7 views

MGASA-2025-0036 Updated bind packages fix security vulnerabilities

Many records in the additional section cause CPU exhaustion. CVE-2024-11187 DNS-over-HTTPS implementation suffers from multiple issues under heavy query load. CVE-2024-12705...

CVSS 7.5 | AI score 7.3 | EPSS 0.15664 | Exploits: 0 | References: 3

Mageia
added 2025/02/05 7:51 p.m., 11 views

Updated bind packages fix security vulnerabilities

Many records in the additional section cause CPU exhaustion. CVE-2024-11187 DNS-over-HTTPS implementation suffers from multiple issues under heavy query load. CVE-2024-12705...

CVSS 7.5 | AI score 6.9 | EPSS 0.15664 | Exploits: 0 | References: 2

RedhatCVE
added 2025/02/05 6:35 p.m., 6 views

CVE-2017-14454

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "control" channel of Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. A...

CVSS 8.5 | AI score 7.5 | EPSS 0.00602 | Exploits: 1 | References: 1

RedhatCVE
added 2025/02/05 2:26 p.m., 6 views

CVE-2020-2672

Vulnerability in the Oracle Email Center product of Oracle E-Business Suite component: Message Display. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Ema...

CVSS 8.2 | AI score 7.2 | EPSS 0.01314 | Exploits: 0 | References: 3

RedhatCVE
added 2025/02/05 5:8 a.m., 3 views

CVE-2024-10497

CWE-639: Authorization Bypass Through User-Controlled Key vulnerability exists that could allow an authorized attacker to modify values outside those defined by their privileges Elevation of Privileges when the attacker sends modified HTTPS requests to the device...

CVSS 8.8 | AI score 6.7 | EPSS 0.00539 | Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 1:43 a.m., 3 views

CVE-2024-11425

CWE-131: Incorrect Calculation of Buffer Size vulnerability exists that could cause Denial-of-Service of the product when an unauthenticated user is sending a crafted HTTPS packet to the webserver...

CVSS 8.7 | AI score 6.9 | EPSS 0.00605 | Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 1:26 a.m., 8 views

CVE-2024-20498

Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficie...

CVSS 8.6 | AI score 7.2 | EPSS 0.00508 | Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 1:10 a.m., 7 views

CVE-2024-20499

Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficie...

CVSS 8.6 | AI score 7.2 | EPSS 0.00508 | Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 12:22 a.m., 4 views

CVE-2024-31206

dectalk-tts is a Node package to interact with the aeiou Dectalk web API. In [email protected], network requests to the third-party API are sent over HTTP, which is unencrypted. Unencrypted traffic can be easily intercepted and modified by attackers. Anyone who uses the package could be the victi...

CVSS 8.2 | AI score 6.3 | EPSS 0.00332 | Exploits: 0 | References: 1