16 matches found
CVE-2026-46739
A flaw was found in perl-Net-Statsd. This vulnerability allows an attacker to inject additional statsd metrics due to insufficient validation of metric names and values. Specifically, the software does not properly check for newlines, colons, or pipes in metric names, nor does it ensure that valu...
EUVD-2026-34295
Net::Statsd versions before 0.13 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. The update_stats used for updating counters and gauge methods do not check that values...
CVE-2026-46739 Net::Statsd versions before 0.13 for Perl allow metric injections
Net::Statsd versions before 0.13 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. The update_stats used for updating counters and gauge methods do not check that values...
CVE-2026-46739 Net::Statsd versions before 0.13 for Perl allow metric injections
Net::Statsd versions before 0.13 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. The update_stats used for updating counters and gauge methods do not check that values...
CVE-2026-46739
Net::Statsd versions before 0.13 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. The update_stats used for updating counters and gauge methods do not check that values...
EUVD-2020-21289
Malware in sbrugna...
AZL-70135 CVE-2023-53093 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: tracing: Do not let histogram values have some modifiers Histogram values can not be strings, stacktraces, graphs, symbols, syscalls, or grouped in buckets or log. Give an error if a value is set to do so. Note, the histogram cod...
UBUNTU-CVE-2023-53093
In the Linux kernel, the following vulnerability has been resolved: tracing: Do not let histogram values have some modifiers Histogram values can not be strings, stacktraces, graphs, symbols, syscalls, or grouped in buckets or log. Give an error if a value is set to do so. Note, the histogram cod...
GHSA-PCX7-8HXG-J823 Duplicate Advisory: Keycloak proxy header handling Denial-of-Service (DoS) vulnerability
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-jgwc-jh89-rpgq. This link is maintained to preserve external references. Original Description A vulnerability was found in the Keycloak Server. The Keycloak Server is vulnerable to a denial of service DoS attack...
CVE-2024-38661
In the Linux kernel, the following vulnerability has been resolved: s390/ap: Fix crash in AP internal function modify_bitmap A system crash like this Failing address: 200000cb7df6f000 TEID: 200000cb7df6f403 Fault in home space mode while using kernel ASCE. AS:00000002d71bc007 R3:00000003fe5b8007...
CVE-2022-44566
A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter 7.0.4.1 and 6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric...
Design/Logic Flaw
A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter 7.0.4.1 and 6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric...
CVE-2022-44566
A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter 7.0.4.1 and 6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric...
Backdoor.Win32.Antilam.14.o Remote Command Execution
Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/2914f01e65d848655d4f1aac51ff04d1.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Antilam.14.o Vulnerability: Unauthenticated Remote Command Execution Description: The...
Backdoor.Win32.Antilam.14.d Code Execution
Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/a53351e8fa0cb4f7db3d0250387a0e4f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Antilam.14.d Vulnerability: Unauthenticated Remote Command Execution Description: The...
CVE-2019-9084
In Hoteldruid before 2.3.1, a division by zero was discovered in $numtabelle in tabtariffe.php aka the numtariffa1 parameter due to the mishandling of non-numeric values, as demonstrated by the /tabtariffe.php?anno=YEAR&numtariffa1=1a URI. It could allow an administrator to conduct remote denial ...