netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended...

Belden多款产品 访问控制错误漏洞

Belden Hirschmann HiLCOS OpenBAT, among others, are products of the American company Belden. Belden Hirschmann HiLCOS OpenBAT is an industrial-grade wireless local area network device. Belden Hirschmann HiLCOS BAT450 is an industrial-grade wireless local area network access point device. Belden...

CVE-2018-14705

In Drobo 5N2 4.0.5, all optional applications lack any form of authentication/authorization validation. As a result, any user capable of accessing the device over the network may interact with and control these applications. This not only poses a severe risk to the availability of these...

CVE-2019-2599

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products subcomponent: Pagelet Wizard. Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

EUVD-2025-201915

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected devices exposes server information in its responses. This could allow an attacker with network access to gain useful information, increasing the likelihood of targeted attacks...

PT-2025-43652

Name of the Vulnerable Software and Affected Versions BLU-IC2 versions through 1.19.5 BLU-IC4 versions through 1.19.5 Description Undocumented administrative accounts were being created to facilitate access for applications. These accounts offer a means of network compromise. The issue affects...

EUVD-2017-1951

Malware in sbrugna...

EUVD-2020-6903

Malware in sbrugna...

EUVD-2020-22477

Malware in sbrugna...

EUVD-2019-16135

Malware in sbrugna...

EUVD-2020-20381

Malware in sbrugna...

EUVD-2020-5712

Malware in sbrugna...

EUVD-2020-29601

Malware in sbrugna...

EUVD-2007-1794

Malware in sbrugna...

EUVD-2021-22195

Malware in sbrugna...

EUVD-2023-54211

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-2441

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.25 and prior. Easily...

CVE-2025-21507

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseO...

CVE-2024-21132

Vulnerability in the Oracle Purchasing product of Oracle E-Business Suite component: Approvals. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Purchasing. Successful attacks...

CVE-2020-27888

An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC-M 4.3.21.11325 and UniFi Controller 6.0.28 devices. Cached credentials are not erased from an access point returning wirelessly from a disconnected state. This may provide unintended network access...