K000161507: Samba vulnerability CVE-2026-3238

Security Advisory Description A flaw was found in Samba’s WINS server component when running as an Active Directory Domain Controller. The WINS protocol handlers for certain request types did not properly validate incoming packets, allowing an unauthenticated remote attacker to trigger a NULL...

K000161266: Node.js vulnerability CVE-2025-23166

Security Advisory Description The C++ method SignTraits::DeriveBits may incorrectly call ThrowException based on user-supplied inputs when executing in a background thread, crashing the Node.js process. Such cryptographic operations are commonly applied to untrusted inputs. Thus, this mechanism...

CVE-2026-35251

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...

K000160142: PostgreSQL vulnerability CVE-2021-20229

Security Advisory Description A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns of the table. The highest threat from this vulnerability is to confidentiality. CVE-2021-20229 Impact...

CVE-2025-61736 iSTAR- Improper Validation of Certificate Expiration

Successful exploitation of this vulnerability could result in the product failing to re-establish communication once the certificate expires...

PT-2025-51830

Successful exploitation of this vulnerability could result in the product failing to re-establish communication once the certificate expires...

EUVD-2016-9130

Malware in sbrugna...

EUVD-2019-5349

Malware in sbrugna...

K000153040: Python urllib vulnerability CVE-2019-9740

Security Advisory Description An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n specifically in the...

K000152599: Python tarfile vulnerability CVE-2024-12718

Security Advisory Description Allows modifying some file metadata e.g. last modified with filter="data" or file permissions chmod with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using...

CVE-2024-25656

Improper input validation in AVSystem Unified Management Platform UMP 23.07.0.16567LTS can result in unauthenticated CPE Customer Premises Equipment devices storing arbitrarily large amounts of data during registration. This can potentially lead to DDoS attacks on the application database and,...

CVE-2019-2828

Vulnerability in the Oracle Field Service component of Oracle E-Business Suite subcomponent: Wireless. Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

Security Bulletin: Vulnerabilities in bind affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in bind affect IBM Storage Virtualize products and could cause denial of service. CVE-2024-1737 CVE-2024-1975. Vulnerability Details CVEID:CVE-2024-1737 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an error when content is being added or updated in...

K000149485: cURL vulnerability CVE-2024-11053

Security Advisory Description When asked to both use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches th...

2024.3 IPU - Intel® Processor Advisory

Summary: A potential security vulnerability in some Intel® Processors may allow denial of service. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2024-24968 Description: Improper finite state machines FSMs in hardware logic in some...

CVE-2023-22000

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

K15893: Apache HTTP server vulnerabilities CVE-2014-0117, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, and CVE-2014-3523

Security Advisory Description CVE-2014-0117 The modproxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service child-process crash via a crafted HTTP Connection header. CVE-2014-0118 The deflateinfilter function...

UBUNTU-CVE-2022-39402

Vulnerability in the MySQL Shell product of Oracle MySQL component: Shell: Core Client. Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Shell executes to compromise MySQL Shell...

Lenovo XClarity Controller (XCC) Vulnerabilities - Lenovo Support US

No description provided...

CVE-2021-43393

STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse signature verification. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE-J in closed...