20 matches found
CVE-2026-33721
MapServer (CVE-2026-33721) has a heap-buffer-overflow in the SLD parser triggered by a crafted SLD containing more than 100 Threshold elements in a ColorMap/Categorize structure, exploitable by an unauthenticated remote attacker via WMS GetMap with SLD_BODY. Affects versions up to 4.2 prior to 8....
mkkp-map-client (>=0.0.3 <=1.0.4), mkkp-map-server (>=1.0.0 <=1.0.1) potentially affected by unknown CVE via react-leaflet-cluster-layer (=0.0.3)
react-leaflet-cluster-layer NPM version =0.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on react-leaflet-cluster-layer and may be impacted: - mkkp-map-client =0.0.3, =1.0.0, =1.0.1 Source cves: unknown CVE Source advisory: OSV:MAL-2026-2071...
CVE-2025-62170
rAthena is an open-source cross-platform MMORPG server. A use-after-free vulnerability exists in the RODEX functionality of rAthena's map-server in versions prior to commit af2f3ba. An unauthenticated attacker can exploit this vulnerability via a specific attacking scenario to cause a denial of...
CVE-2025-62170
rAthena is an open-source cross-platform MMORPG server. A use-after-free vulnerability exists in the RODEX functionality of rAthena's map-server in versions prior to commit af2f3ba. An unauthenticated attacker can exploit this vulnerability via a specific attacking scenario to cause a denial of...
CVE-2025-62170 rAthena map-server use-after-free vulnerability in RODEX
rAthena is an open-source cross-platform MMORPG server. A use-after-free vulnerability exists in the RODEX functionality of rAthena's map-server in versions prior to commit af2f3ba. An unauthenticated attacker can exploit this vulnerability via a specific attacking scenario to cause a denial of...
CVE-2025-62170 rAthena map-server use-after-free vulnerability in RODEX
rAthena is an open-source cross-platform MMORPG server. A use-after-free vulnerability exists in the RODEX functionality of rAthena's map-server in versions prior to commit af2f3ba. An unauthenticated attacker can exploit this vulnerability via a specific attacking scenario to cause a denial of...
CVE-2025-62170 rAthena map-server use-after-free vulnerability in RODEX
rAthena is an open-source cross-platform MMORPG server. A use-after-free vulnerability exists in the RODEX functionality of rAthena's map-server in versions prior to commit af2f3ba. An unauthenticated attacker can exploit this vulnerability via a specific attacking scenario to cause a denial of...
CVE-2025-62170
CVE-2025-62170 affects the rAthena map-server, specifically the RODEX functionality. A use-after-free in versions prior to commit af2f3ba enables an unauthenticated attacker to trigger a denial of service by crashing the map-server in a targeted scenario. The issue has been patched in commit af2f...
EUVD-2025-34076
rAthena is an open-source cross-platform MMORPG server. A use-after-free vulnerability exists in the RODEX functionality of rAthena's map-server in versions prior to commit af2f3ba. An unauthenticated attacker can exploit this vulnerability via a specific attacking scenario to cause a denial of...
PT-2025-41797
Name of the Vulnerable Software and Affected Versions rAthena versions prior to commit af2f3ba Description rAthena is an open-source cross-platform MMORPG server. A use-after-free issue exists in the RODEX functionality of rAthena’s map-server. An unauthenticated attacker can exploit this issue v...
Fortinet FortiProxy's map server (FG-IR-22-468)
The version of FortiProxy installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-468 advisory. - An improper certificate validation vulnerability CWE-295 in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through...
CVE-2023-29175
An improper certificate validation vulnerability CWE-295 in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through 7.0.10, 7.2.0 and FortiProxy 1.2 all versions, 2.0 all versions, 7.0.0 through 7.0.9, 7.2.0 through 7.2.3 may allow a remote and unauthenticated attacker to perform a...
Fortinet Fortigate Lack of certificate verification when establishing secure connections (FG-IR-22-468)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-468 advisory. - An improper certificate validation vulnerability CWE-295 in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through 7.0.1...
Protect
An improper certificate validation vulnerability CWE-295 in FortiOS and FortiProxy may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the vulnerable device and the remote FortiGuard's map server...
Zomato: Zomato Map server going out of memory while resizing map image
Go to https://maps.zomato.com/php/staticmap?center=0,0&size=240x150&maptype=zomato&markers=180,180,pinres32&sensor=false&scale=%&zoom=eval2147483647+1&language=en a map will be displayed Now increase the map size by 10x...
CVE-2017-12236
A vulnerability in the implementation of the Locator/ID Separation Protocol LISP in Cisco IOS XE 3.2 through 16.5 could allow an unauthenticated, remote attacker using an x tunnel router to bypass authentication checks performed when registering an Endpoint Identifier EID to a Routing Locator RLO...
CVE-2017-12236
A vulnerability in the implementation of the Locator/ID Separation Protocol LISP in Cisco IOS XE 3.2 through 16.5 could allow an unauthenticated, remote attacker using an x tunnel router to bypass authentication checks performed when registering an Endpoint Identifier EID to a Routing Locator RLO...
Authentication flaw
A vulnerability in the implementation of the Locator/ID Separation Protocol LISP in Cisco IOS XE 3.2 through 16.5 could allow an unauthenticated, remote attacker using an x tunnel router to bypass authentication checks performed when registering an Endpoint Identifier EID to a Routing Locator RLO...
Cisco IOS XE Software Authentication Bypass Vulnerability
Cisco IOS XE is an operating system developed by the American company Cisco Cisco for its network equipment. A security vulnerability exists in the implementation of the Locator/ID Separation Protocol LISP in Cisco IOS XE. A remote attacker could exploit this vulnerability to bypass authenticatio...
UBUNTU-CVE-2016-9839
In MapServer before 7.0.3, OGR driver error messages are too verbose and may leak sensitive information if data connection fails...