EUVD-2026-34684
Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-34462
Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11013
CVE-2026-11013 affects Google Chrome (Chromium-based) by insufficient validation of untrusted input in the network component. Prior to version 149.0.7827.53, a remote attacker who compromised the renderer process could read potentially sensitive information from process memory via a crafted HTML ...
Protection Mechanism Failure
Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Protection Mechanism Failure through improper validation of the docker.network configuration parameter. An attacker can gain unauthorized access to internal network resources by specifyin...
Server-side Request Forgery (SSRF)
Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the proxy repository configuration. An attacker can access internal network resources and cloud metadata endpoints by configuring proxy repositories with malicious URLs. This is only exploitable if t...
CVE-2025-14443
A flaw was found in ose-openshift-apiserver. This vulnerability allows internal network enumeration, service discovery, limited information disclosure, and potential denial-of-service (DoS) through Server-Side Request Forgery (SSRF) due to missing IP address and network-range validation when processi...
EUVD-2018-18971
Malware in sbrugna...
EUVD-2022-6868
Malicious code in bioql PyPI...
SUSE SLES15 Security Update : kernel (Live Patch 44 for SLE 15 SP3) (SUSE-SU-2025:0708-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0708-1 advisory. This update for the Linux Kernel 5.3.18-15030059161 fixes several issues. The following security issues were fixed: - CVE-2024-35789: wifi:...
How to Validate If XenServer is Using Bridge or vSwitch for the Network Stack
This article describes how to validate if XenServer is using Bridge or vSwitch for the network stack. By default, XenServer 6.x uses vSwitch as the network stack when the host is installed. At some point, the XenServer administrator might have changed the network stack to Bridge. When attempting ...
routinator -- potential DOS attack
Due to a mistake in error handling, data in RRDP snapshot and delta files that isn’t correctly base 64 encoded is treated as a fatal error and causes Routinator to exit. Worst case impact of this vulnerability is denial of service for the RPKI data that Routinator provides to routers. This may st...
Pybatfish - Python Client For Batfish (Network Configuration Analysis Tool)
Pybatfish is a Python client for Batfish. What is Batfish? Batfish is a network validation tool that provides correctness guarantees for security, reliability, and compliance by analyzing the configuration of network devices. It builds complete models of network behavior from device configuration...
AMD Multiple Products Input Validation Error Vulnerability
AMD Platform Security Processor and others are products of AMD Corporation. AMD Platform Security Processor is a security processor. AMD Secure Encrypted Virtualization is an application software. AMD System Management Unit (SMU) is a system management unit. An input validation error vulnerability...
Null pointer dereference
Null pointer dereference issue can happen due to improper validation of CSEQ header response received from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MSM8905, MSM8909, MSM8917, MSM8920, MSM8937,...
Dell EMC Avamar Server Input Validation Error Vulnerability
Dell EMC Avamar Server is a suite of fully virtualized backup and recovery software for servers from Dell USA. An input validation error vulnerability exists in Dell EMC Avamar Server versions 7.3.1 and 7.4.1. The vulnerability originates from a network system or product that does not properly...
LetsMapYourNetwork - Tool To Visualise Your Physical Network In Form Of Graph With Zero Manual Error
It is of utmost importance for any security engineer to understand their network before securing it, and gaining a ‘true’ understanding of a widespread network is a daunting task. In a mid to large level organisation’s network having a network architecture diagram doesn’t provide the...
CVE-2018-17161
In FreeBSD before 11.2-STABLEr348229, 11.2-RELEASE-p7, 12.0-STABLEr342228, and 12.0-RELEASE-p1, insufficient validation of network-provided data in bootpd may make it possible for a malicious attacker to craft a bootp packet which could cause a stack buffer overflow. It is possible that the buffe...
CVE-2018-14055
ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf...
Design/Logic Flaw
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow execution of commands due to lack of validation of the shell meta characters with the value of 'network.ieee8021x.deletecerts'...
Online Ad Networks Leverages to Launch Javascript Attacks
LAS VEGAS – Researchers have figured out how to leverage the reach of online advertising networks to distribute javascript of their choosing, creating the equivalent of a botnet of ad impressions capable of crashing underlying webservers or distributing malware on a massive scale for pennies on t...