Lucene search
41 matches found

Github Security Blog
added 2026/02/20 9:14 p.m. | 9 views

Lettermint Node.js SDK leaks email properties to unintended recipients when client instance is reused

Impact: Email properties such as to, subject, html, text, and attachments are not reset between sends when a single client instance is reused across multiple .send calls. This can cause properties from a previous send to leak into a subsequent one, potentially delivering content or recipient...

CVSS 4.7 | AI score 5.5 | EPSS 0.00006
Exploits: 0 | References: 5 | Affected Software: 1

Snyk
added 2026/02/20 9:14 p.m. | 2 views

Exposure of Data Element to Wrong Session

Overview: lettermint is an Official Lettermint Node.js SDK. Affected versions of this package are vulnerable to Exposure of Data Element to Wrong Session via .send calls. An attacker can access sensitive email properties intended for previous recipients when a client instance is used across multipl...

CVSS 4.7 | AI score 5.6 | EPSS 0.00006
Exploits: 0 | References: 2

Vulnrichment
added 2026/01/30 10:7 p.m. | 2 views

CVE-2019-25232 NetPCLinker 1.0.0.0 - Buffer Overflow

NetPCLinker 1.0.0.0 contains a buffer overflow vulnerability in the Clients Control Panel DNS/IP field that allows attackers to execute arbitrary shellcode. Attackers can craft a malicious payload in the DNS/IP input to overwrite SEH handlers and execute shellcode when adding a new client...

CVSS 9.8 | AI score 6.1 | EPSS 0.00018
Exploits: 0 | References: 3

Cvelist
added 2026/01/30 10:7 p.m. | 21 views

CVE-2019-25232 NetPCLinker 1.0.0.0 - Buffer Overflow

NetPCLinker 1.0.0.0 contains a buffer overflow vulnerability in the Clients Control Panel DNS/IP field that allows attackers to execute arbitrary shellcode. Attackers can craft a malicious payload in the DNS/IP input to overwrite SEH handlers and execute shellcode when adding a new client...

CVSS 9.8 | EPSS 0.00018
Exploits: 0 | References: 3

Positive Technologies
added 2026/01/30 12:0 a.m. | 2 views

PT-2026-5464

NetPCLinker 1.0.0.0 contains a buffer overflow vulnerability in the Clients Control Panel DNS/IP field that allows attackers to execute arbitrary shellcode. Attackers can craft a malicious payload in the DNS/IP input to overwrite SEH handlers and execute shellcode when adding a new client...

CVSS 9.8 | AI score 6.3 | EPSS 0.00018
Exploits: 0 | References: 4

RedHat Linux
added 2025/11/24 9:38 a.m. | 2 views

kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()

A flaw was found in the TCP subsystem in tcp_disconnect() of the Linux kernel. The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...

CVSS 7.8 | AI score 5.8 | EPSS 0.00021
Exploits: 0 | References: 5

EUVD
added 2025/10/15 3:30 p.m. | 4 views

EUVD-2025-34654

When BIG-IP Advanced WAF is configured on a virtual server with Server-Side Request Forgery (SSRF) protection or when an NGINX server is configured with App Protect Bot Defense, undisclosed requests can disrupt new client requests. Note: Software versions which have reached End of Technical Support...

CVSS 6.9 | AI score 6.3 | EPSS 0.00085
Exploits: 0 | References: 2

CVE
added 2025/10/15 1:55 p.m. | 19 views

CVE-2025-58474

CVE-2025-58474 affects BIG-IP BIG-IP Advanced WAF/ASM and NGINX App Protect DNS lookup vulnerability. When BIG-IP Advanced WAF is on a virtual server with SSRF protection or NGINX App Protect Bot Defense is used, undisclosed requests can disrupt new client requests, enabling potential DoS on the ...

CVSS 6.9 | AI score 6.4 | EPSS 0.00085
Exploits: 0 | References: 1 | Affected Software: 2

CNNVD
added 2025/10/15 12:0 a.m. | 1 views

F5 BIG-IP security vulnerability

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, and load balancing from F5 USA. A security vulnerability exists in F5 BIG-IP that stems from an undisclosed request that could interfere with new client requests...

CVSS 6.9 | AI score 6.5 | EPSS 0.00085
Exploits: 0 | References: 1

Tenable Nessus
added 2025/10/15 12:0 a.m. | 1 views

F5 Networks BIG-IP : BIG-IP Advanced WAF and ASM and NGINX App Protect DNS lookup vulnerability (K000148512)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.2 / 17.5.0. It is, therefore, affected by a vulnerability as referenced in the K000148512 advisory. When BIG-IP Advanced WAF is configured on a virtual server with Server-Side Request Forgery (SSRF) protection or when a...

CVSS 6.9 | AI score 5.6 | EPSS 0.00085
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2012-6477

Malware in sbrugna...

CVSS 6.8 | AI score 6.4 | EPSS 0.00178
Exploits: 1 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2020-23365

Malware in sbrugna...

CVSS 5.4 | AI score 5.6 | EPSS 0.00206
Exploits: 1 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2020-16710

Malware in sbrugna...

CVSS 5.4 | AI score 5.6 | EPSS 0.00181
Exploits: 1 | References: 3

RedhatCVE
added 2025/05/22 5:10 p.m. | 7 views

CVE-2020-35707

Daybyday 2.1.0 allows stored XSS via the Company Name parameter to the New Client screen...

CVSS 5.4 | AI score 5.6 | EPSS 0.00206
Exploits: 1

RedhatCVE
added 2025/05/22 4:31 p.m. | 2 views

CVE-2020-23974

Create-Project Manager 1.07 has Multi Persistent Cross-site Scripting and HTML injection via Online chat, Social feed, Messagetitle-tag, Add new client all-tags...

CVSS 5.4 | AI score 6.8 | EPSS 0.00181
Exploits: 1

SUSE CVE
added 2023/02/15 6:8 a.m. | 1 views

SUSE CVE-2008-1429

Secure Internet Live Conferencing (SILC) Server before 1.1.1 allows remote attackers to cause a denial of service (daemon crash) via a NEWCLIENT packet without a nickname...

CVSS 7.8 | AI score 6.8 | EPSS 0.01566
Exploits: 0 | References: 3

CNNVD
added 2022/05/15 12:0 a.m. | 3 views

FISCO-BCOS input validation error vulnerability

FISCO-BCOS is an externally open-source, secure and controlled enterprise-grade financial blockchain underlying technology platform. A security vulnerability exists in FISCO-BCOS release-3.0.0-rc2. An attacker exploiting this vulnerability could cause normal nodes to stop generating new blocks an...

CVSS 7.5 | AI score 7.3 | EPSS 0.00334
Exploits: 1 | References: 2

OSV
added 2022/03/31 5:15 p.m. | 0 views

CVE-2021-43505

Multiple Cross Site Scripting (XSS) vulnerabilities exist in Ssourcecodester Simple Client Management System v1 via (1) Add new Client and (2) Add new invoice...

CVSS 5.4 | AI score 6.1
Exploits: 0 | References: 1

NVD
added 2022/03/31 5:15 p.m. | 10 views

CVE-2021-43505

Multiple Cross Site Scripting (XSS) vulnerabilities exist in Ssourcecodester Simple Client Management System v1 via (1) Add new Client and (2) Add new invoice...

CVSS 5.4 | EPSS 0.00206
Exploits: 1 | References: 1

CVE
added 2022/03/31 4:29 p.m. | 62 views

CVE-2021-43505

CVE-2021-43505 affects Ssourcecodester Simple Client Management System v1. The vulnerability is described as multiple Cross-Site Scripting (XSS) issues exploitable via adding a new client or adding a new invoice. The connected documents confirm XSS in this product/version combination; no explicit...

CVSS 5.4 | AI score 5.5 | EPSS 0.00206
Exploits: 1 | References: 1 | Affected Software: 1