12 matches found

Tenable Nessus
added 2026/03/16 12:0 a.m., 4 views

EulerOS 2.0 SP12 : gnutls (EulerOS-SA-2026-1362)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS11 token initialization. When a token...

CVSS: 4 | AI score: 5.8 | EPSS: 0.00018
Exploits: 0 | References: 2
RedHat Linux
added 2026/03/02 9:19 a.m., 2 views

gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function

A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the applicatio...

CVSS: 4 | AI score: 5.8 | EPSS: 0.00018
Exploits: 0 | References: 7
NVD
added 2026/02/20 5:25 p.m., 6 views

CVE-2026-1842

HyperCloud versions 2.3.5 through 2.6.8 improperly allowed refresh tokens to be used directly for resource access and failed to invalidate previously issued access tokens when a refresh token was used. Because refresh tokens have a significantly longer lifetime (default one year), an authenticated...

CVSS: 8.6 | EPSS: 0.00069
Exploits: 0 | References: 1
Vulnrichment
added 2026/02/20 4:23 p.m., 4 views

CVE-2026-1842 HyperCloud Improper Refresh Token Validation and Access Token Invalidation Allows Long-Term Unauthorized Access

HyperCloud versions 2.3.5 through 2.6.8 improperly allowed refresh tokens to be used directly for resource access and failed to invalidate previously issued access tokens when a refresh token was used. Because refresh tokens have a significantly longer lifetime (default one year), an authenticated...

CVSS: 8.6 | AI score: 5.5 | EPSS: 0.00069
Exploits: 0 | References: 1
RedhatCVE
added 2025/10/23 12:17 a.m., 2 views

CVE-2025-62772

On Mercku M6a devices through 2.1.0, session tokens remain valid for at least months in some cases...

CVSS: 3.1 | AI score: 6.9 | EPSS: 0.00015
Exploits: 0 | References: 1
Imperva Blog
added 2025/09/10 9:15 p.m., 9 views

Imperva API Security: Authentication Risk Report—Key Findings & Fixes

An in-depth analysis of common JSON Web Token (JWT) mistakes, basic auth, long-lived tokens, and quick, high-impact fixes to secure your APIs. Introduction: APIs are the backbone of modern digital services—from mobile apps and e-commerce to banking and IoT. That scale and utility also make them pri...

AI score: 7.1
Exploits: 0
Packet Storm News
added 2025/07/15 12:0 a.m., 3 views

Multi-Trigger Poisoning Amplifies Backdoor Vulnerabilities in LLMs

Recent studies have shown that Large Language Models (LLMs) are vulnerable to data poisoning attacks, where malicious training examples embed hidden behaviours triggered by specific input patterns. However, most existing works assume a phrase and focus on the attack's effectiveness, offering limite...

AI score: 6.9
Exploits: 0
SUSE CVE
added 2023/02/15 6:21 a.m., 1 views

SUSE CVE-2004-0083

Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106...

CVSS: 10 | AI score: 8.1 | EPSS: 0.02405
Exploits: 1 | References: 4
Code423n4
added 2021/08/06 12:0 a.m., 11 views

Staker.sol: Wrong values returned in edge cases of _calculateFloatPerSecond()

Handle hickuphh3 Vulnerability details Impact In calculateFloatPerSecond, the edge cases where full rewards go to either the long or short token returns return 1e18 k longPrice, 0; and return 0, 1e18 k shortPrice; respectively. This is however 1e18 times too large. We can verify this by checking...

AI score: 6.9
Exploits: 0
CNNVD
added 2020/12/20 12:0 a.m., 2 views

Roehling Postsrsd Resource Management Error Vulnerability

Roehling Postsrsd is a C-based software from the individual developer Roehling that provides reverse SRS functionality for mail servers. A security vulnerability in PostSRSd before 1.10, which originated in srs2.c, allows remote attackers to cause a denial of service (CPU consumption) via a...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.01457
Exploits: 0 | References: 10
OSV
added 2020/08/14 8:15 p.m., 1 views

CVE-2020-17473

Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.020190723 allows an attacker to obtain a long-lasting token by impersonating the server...

CVSS: 5.9 | AI score: 5.8
Exploits: 0 | References: 1
Cvelist
added 2008/04/10 6:0 p.m., 27 views

CVE-2007-5405

Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING...

AI score: 7.4 | EPSS: 0.34744
Exploits: 4 | References: 22