14 matches found
CVE-2026-44217
sse-channel is an SSE-implementation which can be used to any node.js http request/response stream. Prior to 4.0.1, implementations that allow user-provided values to be passed to event, retry or id fields are susceptible to event spoofing, where an attacker could inject arbitrary messages into t...
CVE-2026-44217
The CVE-2026-44217 entry affects the sse-channel SSE implementation used in Node.js streams. Prior to version 4.0.1, passing user-provided values to the event, retry, or id fields allows event spoofing, enabling injection of arbitrary SSE messages into the stream and potentially impacting consume...
Balbooa Joomla Forms Builder SQL Injection Vulnerability
Balbooa Joomla Forms Builder is a website form building plugin provided by Balbooa Corporation, which offers visual form design and data collection features. Version 2.0.6 of Balbooa Joomla Forms Builder contains an SQL injection vulnerability. This vulnerability stems from an unauthenticated SQL...
PT-2026-30760
Impact What kind of vulnerability is it? Who is impacted? SseStream. transform interpolates message.type and message.id directly into Server-Sent Events text protocol output without sanitizing newline characters (\r, \n). Since the SSE protocol treats both \r and \n as field delimiters and \n\n as event...
FreeBSD : mongodb -- Certain Queries May Cause MongoDB Server to Crash (92880bca-a2c9-11f0-8402-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 92880bca-a2c9-11f0-8402-b42e991fc52e advisory. [email protected] reports: An authorized user can issue queries with duplicate id fields, that leads to...
Moderate: Red Hat Security Advisory: glib2 security update
An update for glib2 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...
CVE-2025-7259
An authorized user can issue queries with duplicate id fields, that leads to unexpected behavior in MongoDB Server, which may result to crash. This issue can only be triggered by authorized users and cause Denial of Service. This issue affects MongoDB Server v8.1 version 8.1.0...
mongodb -- Certain Queries May Cause MongoDB Server to Crash
[email protected] reports: An authorized user can issue queries with duplicate id fields, that leads to unexpected behavior in MongoDB Server, which may result to crash. This issue can only be triggered by authorized users and cause Denial of Service. This issue affects MongoDB Server v8.1 version...
CVE-2004-2568
Multiple cross-site scripting (XSS) vulnerabilities in ReciPants 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) user id, (2) recipe id, (3) category id, and (4) other ID number fields...
PT-2025-28209
Name of the Vulnerable Software and Affected Versions: MongoDB Server version 8.1.0 Description: An authorized user can issue queries with duplicate id fields, leading to unexpected behavior in MongoDB Server, which may result in a crash. This issue can only be triggered by authorized users and...
CVE-2014-4883
resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier, does not use random values for ID fields and source ports of DNS query packets, which makes it easier for man-in-the-middle attackers to conduct cache-poisoning attacks via spoofed reply packets...
Code injection
PM.php in Elite Bulletin Board before 1.0.10 allows remote authenticated users to delete arbitrary PM messages and conduct other attacks via modified id fields...
CVE-2007-3592
PM.php in Elite Bulletin Board before 1.0.10 allows remote authenticated users to delete arbitrary PM messages and conduct other attacks via modified id fields...