openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables

A flaw was found in the OpenSSH GSSAPI Generic Security Service Application Program Interface delta patches, as included in various Linux distributions. A remote attacker could exploit this by sending an unexpected GSSAPI message type during the key exchange process. This occurs because the...

CVE-2024-55026

An issue in the resetpj.cgi endpoint of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to execute arbitrary commands via supplying a crafted GET request...

PT-2026-22271

Name of the Vulnerable Software and Affected Versions XWEB Pro versions prior to 1.12.1 Description A stack-based buffer overflow exists in an API route of XWEB Pro. This allows unauthenticated attackers to cause stack corruption and program termination. The vulnerable API route is not specified...

EUVD-2006-0272

Malware in sbrugna...

EUVD-2007-3842

Malware in sbrugna...

CVE-2025-43782

Insecure Direct Object Reference IDOR vulnerability in Liferay Portal 7.4.0 through 7.4.3.124, and Liferay DXP 2024.Q2.0 through 2024.Q2.7, 2024.Q1.1 through 2024.Q1.12, and 7.4 GA through update 92 allows remote authenticated users to access a workflow definition by name via the API...

CVE-2022-35264

A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the...

Oracle Database Multiple Vulnerabilities (January 2006 CPU)

The remote Oracle database server is missing the January 2006 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Advanced Queuing - Change Data Capture - Connection Manager - Data Pump - Data Pump Metadata API - Dictionary - Java Net...

Input validation

Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 allow remote authenticated users to have an unknown impact via 1 EXFSYS.DBMSRLMGRUTL in Rules Manager DB11 and 2 Program Interface DB13...

CVE-2007-3858

Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 allow remote authenticated users to have an unknown impact via 1 EXFSYS.DBMSRLMGRUTL in Rules Manager DB11 and 2 Program Interface DB13...

Sql injection

Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0.1 have unspecified impact and attack vectors, as identified by Oracle Vuln 1 DB17 in the Oracle Text component and 2 DB18 in the Program Interface Network component. NOTE: details are...

CVE-2006-0265

CVE-2006-0265 involves multiple vulnerabilities in Oracle Database server (versions 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, 10.2.0.1). Connected sources (PRION entries) describe a likely SQL injection in CTXSYS and program interface/network components (DB17/DB18), with specific function names cited:...