CVE-2026-44427

The CVE-2026-44427 entry concerns the MCP Registry’s TrailingSlashMiddleware (internal/api/server.go), affecting versions 1.1.0–1.7.4. The vulnerability is an open redirect caused by processing protocol-relative paths (e.g., //evil.com/) without validating the redirect target after trimming trail...

EUVD-2008-4220

Malware in sbrugna...

Security Bulletin: Incorrect certficate validation vulnerability in IBM MQ.NET Managed Client (CVE-2018-1543)

Summary IBM MQ Managed .NET Client could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques Vulnerability Details...

ansible: Arbitrary code execution on control node (incomplete fix for CVE-2016-9587)

An input validation vulnerability was found in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible, and the ability to send facts back to the Ansible server, could use this flaw to execute arbitrary code on the Ansible server...

OPSI Managed Client Remote Command Execution

Affected Products Tested with OPSI Server 4.0.7.26 OPSI ClientAgent 4.0.7.10-1 older releases have not been tested According to the vendor all server instances that use a python-opsi version lower than 4.0.7.28-4 are affected References https://www.secuvera.de/advisories/secuvera-SA-2017-01.txt...

Symantec ITMS Inventory Solution Application Denial Functionality Bypass

SUMMARY The Inventory Solution component of Symantecs IT Management Agent, the client portion of Symantec IT Management Suite ITMS powered by Altiris, can be configured to deny one or more applications from running on a windows managed client as part of IT management functions. A determined user...

Mac OS X 10.5.6 Update / Mac OS X Security Update 2008-008

The remote host is missing Mac OS X 10.5.6 Update / Mac OS X Security Update 2008-008. SPDX-FileCopyrightText: 2010 LSS Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Mac OS X 10.5.6 Update / Mac OS X Security Update 2008-008

The remote host is missing Mac OS X 10.5.6 Update / Mac OS X Security Update 2008-008. One or more of the following components are affected: ATS BOM CoreGraphics CoreServices CoreTypes Flash Player Plug-in Kernel Libsystem Managed Client networkcmds Podcast Producer UDF OpenVAS Vulnerability Test...

CVE-2008-4237

Managed Client in Apple Mac OS X before 10.5.6 sometimes misidentifies a system when installing per-host configuration settings, which allows context-dependent attackers to have an unspecified impact by leveraging unintended settings, as demonstrated by the screen saver lock setting...

Code injection

Managed Client in Apple Mac OS X before 10.5.6 sometimes misidentifies a system when installing per-host configuration settings, which allows context-dependent attackers to have an unspecified impact by leveraging unintended settings, as demonstrated by the screen saver lock setting...

Mac OS X 10.5.x < 10.5.6 Multiple Vulnerabilities

The remote host is running a version of Mac OS X 10.5.x that is prior to 10.5.6. Mac OS X 10.5.6 contains security fixes for the following products : - ATS - BOM - CoreGraphics - CoreServices - CoreTypes - Flash Player Plug-in - Kernel - Libsystem - Managed Client - networkcmds - Podcast Producer...

Avast! Managed Client CAB文件处理远程堆溢出漏洞

Avast!是一款反病毒应用程序。 Avast! Managed Client处理CAB文件存在堆溢出问题，远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 目前没有详细漏洞细节提供。 Avast! Antivirus Managed Client 4.7.652 Avast! Antivirus Managed Client 4.6.394 厂商解决方案 升级到Avast! Managed Client 4.7.700版本： http://www.avast.com/eng/adnm-management-client-revision-history.html...

Heap overflow

Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted CAB archive, resulting from an "integer cast around"...