254 matches found
Siemens SIMATIC Devices Improper Removal of Sensitive Information Before Storage or Transfer (CVE-2024-26816)
x86, relocs: relocations in .notes section. When building with CONFIGXENPV=y, .text symbols are emitted into the .notes section so that Xen can find the startupxen entry point. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
PT-2025-43216
Name of the Vulnerable Software and Affected Versions Rajan Vijayan WP Smart Flexslider versions through 2.5 Description The software contains a flaw related to improper handling of user-supplied data when creating web pages, which can lead to Cross-site Scripting XSS. This allows an attacker to...
EUVD-2018-17647
Malware in sbrugna...
EUVD-2021-14136
Malware in sbrugna...
EUVD-2010-0515
Malware in sbrugna...
EUVD-2014-8941
Malware in sbrugna...
EUVD-2014-7123
Malware in sbrugna...
EUVD-2021-17212
Malware in sbrugna...
EUVD-2023-23482
Malicious code in bioql PyPI...
EUVD-2024-23268
Malicious code in bioql PyPI...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper handling of inline data creation after a direct IO write, which could lead to a system crash...
Security Bulletin: IBM Watsonx BI is affected by use of on-headers in node.js middleware used for listening when a response writes headers
Summary IBM Watsonx BI is affected by use of on-headers in node.js middleware used for listening when a response writes headers. It has a bug in on-headers versions 1.1.0 may result in response headers being inadvertently modified when an array is passed to response.writeHead Vulnerability Detail...
Improper Handling of Unexpected Data Type
Overview Affected versions of this package are vulnerable to Improper Handling of Unexpected Data Type when functions including List and SignWithFlags process successAgentMsg. This can be triggered by a malicious agent sending a single 0x06 byte SSHAGENTSUCCESS, which is unmarshalled into a...
Improper Handling of Unexpected Data Type
Overview Affected versions of this package are vulnerable to Improper Handling of Unexpected Data Type when functions including List and SignWithFlags process successAgentMsg. This can be triggered by a malicious agent sending a single 0x06 byte SSHAGENTSUCCESS, which is unmarshalled into a...
Linux Distros Unpatched Vulnerability : CVE-2022-3639
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions from 10.8 before 15.1.6, all versions starting from 15.2 before 15.2.4, all...
ROS-20250825-02
A vulnerability in the Nokogiri program library of the Ruby interpreter is related to improper handling of an an unexpected data type. Exploitation of the vulnerability could allow an attacker, acting remotely, disclose protected information or cause a denial of service A vulnerability in the...
ROS-20250703-03
A vulnerability in the pgAdmin 4 database management tool is related to improper data cleanup, provided by the user. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute arbitrary code...
CVE-2022-3639
A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions from 10.8 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. Improper data handling on branch creation could have been used to trigger high CPU usage...
The vulnerability of the NTPSyncWithHost() function in TOTOLINK CA600-PoE router’s software allows a hacker to execute arbitrary code.
The vulnerability of the NTPSyncWithHost function in TOTOLINK CA600-PoE router microprogramming software is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...
CVE-2022-2534
An issue has been discovered in GitLab CE/EE affecting all versions starting from 9.3 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. GitLab was returning contributor emails due to improper data handling in the Datadog integration...