21 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: rejecting malformed HCICMDSYNC commands In mgmthcicmdsync, check whether the size of the parameters passed in struct mgmtcphcicmdsync matches the total size of the data i.e., sizeofstruct mgmtcphcicmdsync plus th...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure in the HandleApplicationDataInfluenceDataSubsToNotifyGet process. An attacker can access sensitive subscriber identifiers by sending unauthenticated HTTP GET requests to the affected endpoint without any query...
EUVD-2026-10908
Quinn affected by unauthenticated remote DoS via panic in QUIC transport parameter parsing...
CVE-2026-31812
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...
CVE-2026-31812 Quinn affected by unauthenticated remote DoS via panic in QUIC transport parameter parsing
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...
CVE-2019-25401
Bematech formerly Logic Controls, now Elgin MP-4200 TH printer contains a denial of service vulnerability in the admin configuration page. Remote attackers can send crafted POST requests with malformed 'admin' and 'person' parameters to crash the printer's web service, causing a denial of service...
CVE-2019-25401
Bematech MP-4200 TH printer (formerly Logic Controls, now Elgin) has a denial-of-service vulnerability in the admin configuration page. Remote attackers can send crafted POST requests with malformed 'admin' and 'person' parameters to crash the web service, causing DoS. CVSS metrics are provided: ...
PT-2026-20531
Bematech formerly Logic Controls, now Elgin MP-4200 TH printer contains a cross-site scripting vulnerability in the admin configuration page. Attackers can inject malicious scripts via crafted POST requests with malformed 'admin' and 'person' parameters, allowing execution of arbitrary JavaScript...
EUVD-2004-0066
Malware in sbrugna...
EUVD-2020-30190
Malware in sbrugna...
SUSE CVE-2025-38128
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: reject malformed HCICMDSYNC commands In 'mgmthcicmdsync', check whether the size of parameters passed in 'struct mgmtcphcicmdsync' matches the total size of the data i.e. 'sizeofstruct mgmtcphcicmdsync' plus...
Google Pixel Resource Management Error Vulnerability (CNVD-2023-00002)
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a resource management error vulnerability. A remote attacker can exploit this vulnerability to cause a denial of service disk consumption and large number of notifications with the help of a series of...
CVE-2020-25132
An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to SQL Injection due to the fact that it is possible to inject malicious SQL statements in malformed parameter types. Sending the improper variable type Array allows a bypass of core SQL Injecti...
CVE-2020-10957
In Dovecot before 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp...
ALPINE-CVE-2020-10957
In Dovecot before 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp...
CVE-2020-10957
In Dovecot before 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp...
Updated sympa packages fix security vulnerability
Updated sympa packages fix security vulnerability: Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service disk consumption from temporary files, and a flood of notifications to listmasters via a series of requests with malformed parameters CVE-2020-9369...
CVE-2020-9369
Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service disk consumption from temporary files, and a flood of notifications to listmasters via a series of requests with malformed parameters...
OpenSSL Null Pointer Indirect Reference Denial of Service Vulnerability
OpenSSL is an open source implementation of SSL used to implement strong encryption for network communications. OpenSSL suffers from a denial of service vulnerability. A denial of service results due to a malicious server that provides malformed parameters to the DHE or ECDHE key exchange, allowi...
Cisco Unified Computing System Arbitrary Command Execution Vulnerability
A vulnerability in the remote debug shell in Cisco Unified Computing System PALO adapter cards could allow an authenticated, local attacker to execute commands on the underlying operating system with elevated privileges. The vulnerability is due to insufficient handling of special characters. An...