207 matches found
Missing Validation of OpenSSL Certificate
Overview Affected versions of this package are vulnerable to Missing Validation of OpenSSL Certificate due to the default configuration of DefaultConfig where TLS certificate verification is disabled for outgoing storage driver communications. An attacker can intercept, decrypt, and manipulate al...
soroban-fixed-point-math has Incorrect Rounding and Overflow Handling in Signed Fixed-Point Math with Negatives
Impact Incorrect rounding direction for signed mul and div operations The mulDivx, y, z function incorrectly handled cases where both the intermediate product $x y$ and the divisor $z$ were negative. The logic assumed that if the intermediate product was negative, the final result must also be...
CVE-2025-1584
A vulnerability classified as problematic was found in opensolon Solon up to 3.0.8. This vulnerability affects unknown code of the file solon-projects/solon-web/solon-web-staticfiles/src/main/java/org/noear/solon/web/staticfiles/StaticMappings.java. The manipulation leads to path traversal:...
EulerOS Virtualization 2.13.0 : binutils (EulerOS-SA-2025-2569)
According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the...
Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch
A critical security flaw has been disclosed in Apache Tika that could result in an XML external entity XXE injection attack. The vulnerability, tracked as CVE-2025-66516 , is rated 10.0 on the CVSS scoring scale, indicating maximum severity. "Critical XXE in Apache Tika tika-core 1.13-3.2.1,...
CVE-2025-5555
A vulnerability has been found in Nixdorf Wincor PORT IO Driver up to 1.0.0.1. This affects the function sub11100 in the library wnport.sys of the component IOCTL Handler. Such manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has bee...
CVE-2025-5555
A vulnerability has been found in Nixdorf Wincor PORT IO Driver up to 1.0.0.1. This affects the function sub11100 in the library wnport.sys of the component IOCTL Handler. Such manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has bee...
Security Bulletin: IBM Security QRadar EDR Software contains multiple vulnerabilities
Summary IBM Security QRadar EDR includes components affected by known vulnerabilities e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in this update. Vulnerability Details CVEID:CVE-2025-5889 DESCRIPTION: A vulnerability was found i...
GHSA-P543-XPFM-54CP Rack's unbounded multipart preamble buffering enables DoS (memory exhaustion)
Summary Rack::Multipart::Parser buffers the entire multipart preamble bytes before the first boundary in memory without any size limit. A client can send a large preamble followed by a valid boundary, causing significant memory use and potential process termination due to out-of-memory OOM...
EUVD-2015-1142
Malware in sbrugna...
EUVD-2014-1265
Malware in sbrugna...
EUVD-1999-1002
Malware in sbrugna...
EUVD-2018-13834
Malware in sbrugna...
EUVD-2018-13838
Malware in sbrugna...
EUVD-2019-11531
Malware in sbrugna...
EUVD-2022-6548
Malicious code in bioql PyPI...
EUVD-2022-52095
Malicious code in bioql PyPI...
EUVD-2022-41837
Malicious code in bioql PyPI...
EUVD-2022-41775
Malicious code in bioql PyPI...
EUVD-2023-48170
Malicious code in bioql PyPI...