8 matches found
SUSE-SU-2026:2673-1 Security update for bind
This update for bind fixes the following issues: Security issues: - CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. - CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. - CVE-2026-3593: Heap use-after-free vulnerabilit...
Nats-Server Security Vulnerability
Nats-Server is a high performance server for Nats.io, cloud and edge native messaging systems. A security vulnerability exists in Nats-Server versions prior to 2.9.23, and 2.10.x prior to 2.10.2, which stems from the presence of an authentication bypass that allows an attacker to bypass...
PT-2023-21726 · Directus · Directus
Name of the Vulnerable Software and Affected Versions: Directus versions prior to 9.23.3 Description: The issue concerns the improper redaction of the directus refresh token from log outputs, allowing it to be used to impersonate users without their permission. This can lead to issues with...
Directus 日志信息泄露漏洞
Directus is a real-time Api and application dashboard. It is used to manage Sql database content. A security vulnerability exists in Directus versions prior to 9.23.3, which stems from directusrefreshtoken not being properly edited from log output, and can be used to impersonate a user without...
Artifex Ghostscript Uninitialized Memory Access Vulnerability
Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. An uninitialized...
Artifex Ghostscript Type Obfuscation Vulnerability (CNVD-2019-06229)
Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. A type obfuscation...
Artifex Ghostscript Type Obfuscation Vulnerability
Ghostscript is based on Adobe Systems PostScript and Portable Document Format PDF page description language interpreter set of software. A type confusion vulnerability exists in the 'LockDistillerParams' parameter in Artifex Ghostscript version 9.23 prior to 2018-08-23, which can be exploited by ...
HPE Network Node Manager Cross-Site Scripting Vulnerability
HP Network Node Manager i-series NNMi software delivers powerful out-of-the-box features to help your network operations team efficiently manage networks of any size. A cross-site scripting vulnerability exists in HPE Network Node Manager i NNMi versions 9.20, 9.23, 9.24, 9.25, 10.00, 10.01, whic...