PT-2026-46267

Name of the Vulnerable Software and Affected Versions Net::CIDR::Set versions prior to 0.21 Description The software fails to validate IP addresses. The add function calls the encode function to parse addresses; if the input does not resemble netmasks or network ranges, it is treated as a single ...

CVE-2025-11961

pcapetheraton is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function...

libevent: Stack-buffer overflow in evutil_parse_sockaddr_port()

A vulnerability was found in libevent with the parsing of IPv6 addresses. If an attacker could cause an application using libevent to parse a malformed address in IPv6 notation of more than 2GiB in length, a stack overflow would occur leading to a crash...

libevent: Stack-buffer overflow in evutil_parse_sockaddr_port()

A vulnerability was found in libevent with the parsing of IPv6 addresses. If an attacker could cause an application using libevent to parse a malformed address in IPv6 notation of more than 2GiB in length, a stack overflow would occur leading to a crash...

Serendipity SSRF Security Restriction Bypass Vulnerability

Serendipity is the scalable PHP-powered weblog engine. Serendipity suffers from a Security Restriction Bypass vulnerability that allows an attacker to bypass SSRF protection via a malformed IP address or 30x HTTP status code...

kernel: sctp: skb_over_panic when receiving malformed ASCONF chunks

A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled malformed Address Configuration Change Chunks ASCONF. A remote attacker could use either of these flaws to crash the system...

httpd: reverse web proxy vulnerability

The modproxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of 1 RewriteRule and 2 ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to...

Design/Logic Flaw

The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service persistent crash via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsi...

Postfix 1.1.x - Denial of Service (2)

Postfix 1.1.x - Denial of Service 2 source: https://www.securityfocus.com/bid/8333/info Debian has reported two vulnerabilities in the Postfix mail transfer agent. The first vulnerability, CAN-2003-0468, can allow for an adversary to "bounce-scan" a private network. It has also been reported that...

CVE-2003-0248

The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address...

CVE-2003-0248

The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address...

PT-2000-1058 · Unknown · Website Pro

Name of the Vulnerable Software and Affected Versions: WebSite Pro affected versions not specified Description: The issue allows remote attackers to determine the real pathname of web directories via a malformed URL request. Recommendations: At the moment, there is no information about a newer...