22 matches found
CVE-2026-44897 Mistune Heading ID Attribute Injection XSS
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, HTMLRenderer.heading builds the opening tag by string-concatenating the id attribute value directly into the HTML — with no call to escape, safe_entity, or any other sanitisation function. A double-quote character " in...
CVE-2026-7586
A weakness has been identified in Open5GS up to 2.7.7. Affected is the function ogs_id_get_value of the file /src/amf/nudm-handler.c of the component AMF. This manipulation causes denial of service. Remote exploitation of the attack is possible. The exploit has been made available to the public and...
CVE-2026-7586 Open5GS AMF nudm-handler.c ogs_id_get_value denial of service
A weakness has been identified in Open5GS up to 2.7.7. Affected is the function ogs_id_get_value of the file /src/amf/nudm-handler.c of the component AMF. This manipulation causes denial of service. Remote exploitation of the attack is possible. The exploit has been made available to the public and...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001010)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001010 advisory. Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002036)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002036 advisory. Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain...
EUVD-2020-3479
Malware in sbrugna...
EUVD-2020-23002
Malware in sbrugna...
UBUNTU-CVE-2022-48934
In the Linux kernel, the following vulnerability has been resolved: nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac() ida_simple_get() returns an id between min (0) and max (NFP_MAX_MAC_INDEX) inclusive. So NFP_MAX_MAC_INDEX (0xff) is a valid id. In order for the error handling path to work correctly, t...
SQL injection
A SQL injection vulnerability in Mybatis plus below 3.5.3.1 allows remote attackers to execute arbitrary SQL commands via the tenant ID valuer...
CVE-2023-25330
A SQL injection vulnerability in Mybatis plus below 3.5.3.1 allows remote attackers to execute arbitrary SQL commands via the tenant ID valuer. NOTE: the vendor's position is that this can only occur in a misconfigured application; the documentation discusses how to develop applications that avoi...
SUSE CVE-2014-6428
The dissect_spdu function in epan/dissectors/packet-ses.c in the SES dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not initialize a certain ID value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet...
PT-2022-5756 · Mikrotik · Routeros +1
Name of the Vulnerable Software and Affected Versions: Mikrotik RouterOS versions prior to stable v7.5. Description: The issue is related to an out-of-bounds read in the hotspot process, allowing attackers to execute arbitrary code via a crafted nova message. This is due to a buffer overflow...
GHSA-R478-C2PC-M7GX dnslib has DNS reply verification issue
The dnslib package through 0.9.16 for Python does not verify that the ID value in a DNS reply matches an ID value in a query...
CVE-2022-22846
The dnslib package through 0.9.16 for Python does not verify that the ID value in a DNS reply matches an ID value in a query...
CVE-2022-22846
CVE-2022-22846 affects the Python dnslib package up to 0.9.16, where the DNS reply ID is not verified against the query, per the CVE description. This could enable spoofing or misbinding of responses. Fedora advisory notes a fix in 0.9.21 (update to 0.9.21 or newer). Other connected entries reite...
PT-2019-8043 · Insteon · Insteon Hub
Name of the Vulnerable Software and Affected Versions: Insteon Hub 2245-222 version 1012. Description: A buffer overflow vulnerability exists in the PubNub message handler of the Insteon Hub. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow,...
How to Return a License using My Account
This article describes how to return assigned licenses from the Licensing portal available in My Account. Background: You can specify a new host ID type and host ID value to change the allocation of licenses from one license server to another license server...
Design/Logic Flaw
The HTTP connection-management functionality in Internet Pass-Thru (IPT) before 2.1.0.2 in IBM WebSphere MQ, when HTTPS is disabled, does not properly generate MQIPT Session IDs, which makes it easier for remote attackers to bypass intended restrictions on MQ message data by predicting an ID value...