538 matches found
CVE-2026-23398 icmp: fix NULL pointer dereference in icmp_tag_validation()
In the Linux kernel, the following vulnerability has been resolved: icmp: fix NULL pointer dereference in icmptagvalidation icmptagvalidation unconditionally dereferences the result of rcudereferenceinetprotosproto without checking for NULL. The inetprotos array is sparse -- only about 15 of 256...
CVE-2026-33335
CVE-2026-33335 affects Vikunja Desktop (Electron wrapper). From version 0.21.0 up to before 2.2.0, the wrapper forwards URLs from window.open() directly to shell.openExternal() without validation or protocol allowlisting. This enables an attacker who can inject a link that triggers window.open (e...
SUSE CVE-2013-1085
Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in the filename parameter...
CVE-2026-23566 Log Injection in Content Distribution Service UDP Handler
A vulnerability in TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to inject, tamper with, or forge log entries in \Nomad Branch.log via crafted data sent to the UDP network handler. Th...
CVE-2026-1324 Sangfor Operation and Maintenance Management System SSH Protocol session SessionController os command injection
A vulnerability was identified in Sangfor Operation and Maintenance Management System up to 3.0.12. Affected by this issue is the function SessionController of the file /isomp-protocol/protocol/session of the component SSH Protocol Handler. The manipulation of the argument keypassword leads to os...
CVE-2026-1324 Sangfor Operation and Maintenance Management System SSH Protocol session SessionController os command injection
A vulnerability was identified in Sangfor Operation and Maintenance Management System up to 3.0.12. Affected by this issue is the function SessionController of the file /isomp-protocol/protocol/session of the component SSH Protocol Handler. The manipulation of the argument keypassword leads to os...
CVE-2026-1324
A vulnerability was identified in Sangfor Operation and Maintenance Management System up to 3.0.12. Affected by this issue is the function SessionController of the file /isomp-protocol/protocol/session of the component SSH Protocol Handler. The manipulation of the argument keypassword leads to os...
PT-2026-3932
Name of the Vulnerable Software and Affected Versions Sangfor Operation and Maintenance Management System versions up to 3.0.12 Description A flaw exists in Sangfor Operation and Maintenance Management System. This issue is related to the SessionController function within the SSH Protocol Handler...
MiracleLinux 8 : firefox-91.4.0-1.el8.ML.1 (AXSA:2022-2971:02)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-2971:02 advisory. Mozilla: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 Mozilla: URL leakage when navigating while executing asynchronous function...
MiracleLinux 7 : firefox-91.4.0-1.0.1.el7.AXS7 (AXSA:2021-2597:33)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2597:33 advisory. Mozilla: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 Mozilla: URL leakage when navigating while executing asynchronous function...
MiracleLinux 8 : firefox-128.4.0-1.el8_10.ML.1 (AXSA:2024-8962:36)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8962:36 advisory. firefox: thunderbird: History interface could have been used to cause a Denial of Service condition in the browser CVE-2024-10464 firefox:...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004779)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004779 advisory. A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fibnhmatch of the file net/ipv4/fibsemantics.c of the component...
CVE-2025-15500 Sangfor Operation and Maintenance Management System HTTP POST Request getHis os command injection
A vulnerability was found in Sangfor Operation and Maintenance Management System up to 3.0.8. This issue affects some unknown processing of the file /isomp-protocol/protocol/getHis of the component HTTP POST Request Handler. The manipulation of the argument sessionPath results in os command...
CVE-2018-1000118
Github Electron version Electron 1.8.2-beta.4 and earlier contains a Command Injection vulnerability in Protocol Handler that can result in command execute. This attack appear to be exploitable via the victim opening an electron protocol handler in their browser. This vulnerability appears to hav...
PT-2025-41600
Name of the Vulnerable Software and Affected Versions Cherry Studio versions 1.7.0-alpha.4 and earlier Description Cherry Studio is a desktop client supporting multiple LLM providers. It registers a custom protocol, cherrystudio://, and when handling MCP installation URLs, it parses base64-encode...
EUVD-2016-3026
Malware in sbrugna...
EUVD-2019-7097
Malware in sbrugna...
EUVD-2018-0179
Malware in sbrugna...
EUVD-2007-6555
Malware in sbrugna...
EUVD-2019-19163
Malware in sbrugna...