Frauscher Sensortechnik多款产品 操作系统命令注入漏洞

Frauscher Sensortechnik FDS102 and others are a diagnostic system device from Frauscher. An operating system command injection vulnerability exists in various Frauscher Sensortechnik products, which stems from improper neutralization of special elements when loading a configuration file from a US...

PT-2025-28180

Name of the Vulnerable Software and Affected Versions: MongoDB Server versions 6.0 prior to 6.0.23 MongoDB Server versions 7.0 prior to 7.0.20 MongoDB Server versions 8.0 prior to 8.0.9 Description: The issue affects MongoDB Server's mongos component, causing it to become unresponsive to new...

MongoDB -- Incorrect Handling of incomplete data may prevent mongoS from Accepting New Connections

[email protected] reports: MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. Required Configuration: This affects MongoDB sharded clusters when configured with...

MongoDB Server 安全漏洞

MongoDB Server is the United States MongoDB company's set of open source NoSQL database . The database provides collection-oriented storage , dynamic query , data replication and automatic failover and other functions . A security vulnerability exists in MongoDB Server versions prior to 6.0.23,...

RHEL 9 : mod_proxy_cluster (RHSA-2025:9997)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:9997 advisory. The modproxycluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fixes: modproxycluster:...

SUSE CVE-2025-6817

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5Cloadentry of the file /src/H5Centry.c. The manipulation leads to resource consumption. The attack needs to be approached locally. The exploit has been disclosed to the public an...

Akamai CloudTest 代码问题漏洞

Akamai CloudTest is a suite of scalable load testing platforms from Akamai Corporation. A code issue vulnerability exists in Akamai CloudTest versions prior to 2025.06.09 that stems from vulnerability to server-side request forgery attacks...

PT-2025-27295 · Hdf5 +1 · Hdf5 +1

Name of the Vulnerable Software and Affected Versions: HDF5 version 1.14.6 Description: A vulnerability has been found in HDF5, affecting the function H5C load entry of the file /src/H5Centry.c. The manipulation leads to resource consumption. The attack needs to be approached locally. The exploit...

HDF5 资源管理错误漏洞

HDF5 is a data management suite developed by The HDF Group for storing and managing large-scale scientific data. A security vulnerability exists in HDF5 version 1.14.6, which originates from an exception in the handling of the H5Cloadentry function in the /src/H5Centry.c file. An attacker can...

Malicious code in load-nyc-config (npm)

The package communicates with a domain associated with malicious activity...

MAL-2025-5431 Malicious code in load-nyc-config (npm)

The package communicates with a domain associated with malicious activity...

kernel: netfilter: nf_tables: prefer nft_chain_validate

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: prefer nftchainvalidate nftchainvalidate already performs loop detection because a cycle will result in a call stack overflow ctx-level = NFTJUMPSTACKSIZE. It also follows maps via -validate callback in...

RHEL 9 : mod_proxy_cluster (RHSA-2025:9434)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:9434 advisory. The modproxycluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fixes: modproxycluster:...

The vulnerability of Microprogrammed Software in Modicon Controllers arises from improper external control of the name or file path during data loading, allowing attackers to compromise the confidentiality of protected information.

The vulnerability of Microprogrammed Software in Modicon Controllers arises from incorrect external control via name or file during data loading. Exploiting this vulnerability allows an attacker to compromise the confidentiality of protected information...

UBUNTU-CVE-2025-6434

The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability was fixed in Firefox 140 and Thunderbird 1...

Moderate: Red Hat Security Advisory: mod_proxy_cluster security update

An update for modproxycluster is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

VMware Avi Load Balancer SQL Injection Vulnerability

VMware Avi Load Balancer is a load balancing platform from VMware. VMware Avi Load Balancer suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL...

Moderate: mod_proxy_cluster security update

The modproxycluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fixes: modproxycluster: modproxycluster unauthorized MCMP requests CVE-2024-10306 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

ALSA-2025:9434 Moderate: mod_proxy_cluster security update

The modproxycluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fixes: modproxycluster: modproxycluster unauthorized MCMP requests CVE-2024-10306 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

OSV-2025-484 Heap-buffer-overflow in load_protocols_file_fd

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=426164365 Crash type: Heap-buffer-overflow READ 2 Crash state: loadprotocolsfilefd fuzzfilecfgprotocols.c...