SUSE CVE-2007-6735

NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session...

CVE-2026-5772 MatchDomainName 1-Byte Stack Buffer Over-Read in Hostname Validation

A 1-byte stack buffer over-read was identified in the MatchDomainName function src/internal.c during wildcard hostname validation when the LEFTMOSTWILDCARDONLY flag is active. If a wildcard exhausts the entire hostname string, the function reads one byte past the buffer without a bounds check,...

CVE-2026-34580

A flaw was found in Botan, a C++ cryptography library. Due to a misleading function name and an assumption in path validation logic, an end entity certificate could be incorrectly accepted as a trusted root. This occurs when the end entity certificate's Distinguished Name DN and Subject Key...

EUVD-2026-17983

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From versions 2.0.0-alpha to before 2.3.9 and 3.0.0-alpha to before 3.1.1, there is a conditional local privilege escalation vulnerability in an edge-case naming collision. Only authenticated himmelblau users whose...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant. Versions of OpenClaw prior to 2026.2.6 contained security vulnerabilities. These vulnerabilities stemmed from a flaw in permission list validation, which allowed equal matches for the variable actor.name field. This could allow attacker...

CVE-2026-24910

In Bun before 1.3.5, the default trusted dependencies list aka trust allow list can be spoofed by a non-npm package in the case of a matching name for file, link, git, or github...

CVE-2024-53245

CVE-2024-53245 affects Splunk Enterprise and Splunk Cloud Platform where a low-privilege user whose username matches a role with read access to dashboards can clone a dashboard and view its name and XML. Affected versions are Splunk Enterprise < 9.3.0, < 9.2.4, and < 9.1.7, and Splunk Cl...

SUSE CVE-2018-19217

In ncurses, possibly a 6.x version, there is a NULL pointer dereference at the function ncnamematch that will lead to a denial of service attack. NOTE: the original report stated version 6.1, but the issue did not reproduce for that version according to the maintainer or a reliable third-party...

DEBIAN-CVE-2018-19217

In ncurses, possibly a 6.x version, there is a NULL pointer dereference at the function ncnamematch that will lead to a denial of service attack. NOTE: the original report stated version 6.1, but the issue did not reproduce for that version according to the maintainer or a reliable third-party...

UBUNTU-CVE-2018-19217

In ncurses, possibly a 6.x version, there is a NULL pointer dereference at the function ncnamematch that will lead to a denial of service attack. NOTE: the original report stated version 6.1, but the issue did not reproduce for that version according to the maintainer or a reliable third-party...

AZL-40988 CVE-2018-19217 affecting package ncurses 6.4-2

In ncurses, possibly a 6.x version, there is a NULL pointer dereference at the function ncnamematch that will lead to a denial of service attack. NOTE: the original report stated version 6.1, but the issue did not reproduce for that version according to the maintainer or a reliable third-party...

PT-2018-14870 · Ncurses · Ncurses

Name of the Vulnerable Software and Affected Versions: ncurses versions 6.x Description: The issue is related to a NULL pointer dereference at the function nc name match that will lead to a denial of service attack. The original report stated version 6.1, but the issue did not reproduce for that...

CVE-2014-8270

BMC Track-It! 11.3 allows remote attackers to gain privileges and execute arbitrary code by creating an account whose name matches that of a local system account, then performing a password reset...