571 matches found
io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records
A flaw was found in Netty's DnsResolveContext. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing...
CVE-2026-47691
A flaw was found in Netty's DnsResolveContext. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing...
dotnet: .NET: Local file tampering via link following vulnerability
A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...
dotnet: .NET: Local file tampering via link following vulnerability
A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...
ROS-20260407-73-0022
A vulnerability in the netfilter component of the Linux operating system kernel is related to errors in updating the reference counter. Exploitation of the vulnerability allows an attacker to gain access to sensitive data, compromise its integrity, and cause a denial-of-service condition...
ROS-20260323-73-0027
A vulnerability in the tmptcp components of the Linux operating system kernel is related to state management errors. Exploitation of the vulnerability allows an attacker to gain access to sensitive data, compromise its integrity, and cause denial of service...
Huawei HarmonyOS Resource Scheduling Module Privilege Control Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS resource scheduling module, which can be exploited by an attacker to compromise integrity...
ROS-20260202-73-0043
A vulnerability in the dispc.c component of the Linux operating system kernel is related to memory initialization errors. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause denial of service...
ROS-20260121-73-0031
A vulnerability in the kernel/trace component of the Linux operating system kernel is related to memory usage after it has been freed. Exploitation of the vulnerability may allow an attacker to gain access to sensitive data, compromise its integrity, and cause denial of service...
ROS-20260121-73-0033
A vulnerability in the ksmbd component of the Linux kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability may allow an attacker to gain access to sensitive data, compromise its integrity, and cause denial of service...
CVE-2022-23455
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files...
CVE-2021-27602
SAP Commerce, versions - 1808, 1811, 1905, 2005, 2011, Backoffice application allows certain authorized users to create source rules which are translated to drools rule when published to certain modules within the application. An attacker with this authorization can inject malicious code in the...
CVE-2021-33672
Due to missing encoding in SAP Contact Center's Communication Desktop component- version 700, an attacker could send malicious script in chat message. When the message is accepted by the chat recipient, the script gets executed in their scope. Due to the usage of ActiveX in the application, the...
CVE-2022-42269
NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attacker to cause information disclosure and compromise integrity. The scope of the impact can extend to other components...
EUVD-2016-6536
Malware in sbrugna...
EUVD-2020-28062
Malware in sbrugna...
EUVD-2019-13956
Malware in sbrugna...
EUVD-2019-6991
Malware in sbrugna...
EUVD-2009-3381
Malware in sbrugna...
EUVD-2013-1576
Malware in sbrugna...