Lucene search

14 matches found

Packet Storm News
added 2026/06/10 12:0 a.m. · 4 views

CLDAP Analyzer with ASN.1 BER Encoding and Basic TLV Response Parser

This Python script implements a CLDAP (Connectionless LDAP) analyzer that builds and sends LDAP/CLDAP discovery requests and parses responses using ASN.1 BER encoding and a basic TLV parser. It constructs a structured LDAP search request including DnsDomain, User, and NtVer filters, sends it over U...

5.5 AI score
Exploits: 0
OSV
added 2026/05/28 8:16 p.m. · 6 views

UBUNTU-CVE-2026-49130

Music Player Daemon (MPD) before version 0.24.11 contains a CRLF injection vulnerability in the xspf_char_data function within the XSPF playlist plugin that allows attackers to embed literal CR/LF bytes in URI fields by supplying a malicious XSPF playlist with XML numeric character references...

6.9 CVSS · 5.8 AI score · 0.0026 EPSS
Exploits: 0 · References: 9
Positive Technologies
added 2026/05/28 12:0 a.m. · 10 views

PT-2026-44497

Music Player Daemon (MPD) before version 0.24.11 contains a CRLF injection vulnerability in the xspf_char_data function within the XSPF playlist plugin that allows attackers to embed literal CR/LF bytes in URI fields by supplying a malicious XSPF playlist with XML numeric character references...

6.9 CVSS · 5.8 AI score · 0.0026 EPSS
Exploits: 0 · References: 7
ATTACKERKB
added 2026/05/27 9:56 p.m. · 8 views

CVE-2026-46416

Microsoft UFO is an open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO creates one shared UFOWebSocketHandler instance and reuses it for multiple authenticated WebSocket connections. The handler stores per-connection protocol objects in...

6.3 CVSS · 5.8 AI score · 0.00276 EPSS
Exploits: 0 · References: 2
CNNVD
added 2026/05/06 12:0 a.m. · 7 views

Cisco 350X Series and Cisco 350 Series Security Vulnerability

The Cisco 350X Series and Cisco 350 Series are a series of enterprise-class stackable Ethernet switches from the American company Cisco. There are security vulnerabilities in both the Cisco 350X Series and Cisco 350 Series. These vulnerabilities stem from improper error handling when parsing...

7.7 CVSS · 5.8 AI score · 0.00389 EPSS
Exploits: 0 · References: 1
CNNVD
added 2024/12/18 12:0 a.m. · 2 views

Envoy Proxy Security Vulnerability

Envoy Proxy is a cloud-native, high-performance edge/intermediate/service proxy open-sourced by Envoy Proxy. A security vulnerability exists in Envoy Proxy that stems from an inability to properly handle HTTP responses, which could lead to downstream failures in networked devices...

7.1 CVSS · 6.7 AI score · 0.0061 EPSS
Exploits: 1 · References: 3
Positive Technologies
added 2023/03/07 12:0 a.m. · 3 views

PT-2023-12795 · Qualcomm · Snapdragon +181

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions.

Description: The issue involves memory corruption in a modem due to an integer overflow leading to a buffer overflow when handling APDU responses. This occurs while...

7.8 CVSS · 7.7 AI score · 0.00125 EPSS
Exploits: 0 · References: 4
BDU FSTEC
added 2021/06/01 12:0 a.m. · 4 views

The vulnerability of the Squid proxy server arises from insufficient validation of the data entered by users when sending HTTP request responses. This allows attackers to trigger a service failure.

The vulnerability of the Squid proxy server exists due to insufficient validation of the data entered by users when responding to HTTP requests. Exploiting this vulnerability allows a malicious actor to cause service failures...

6.8 CVSS · 6.9 AI score · 0.05492 EPSS
Exploits: 1 · References: 12 · Affected Software: 5
OSV
added 2021/02/18 8:15 p.m. · 4 views

DEBIAN-CVE-2021-26906

An issue was discovered in res_pjsip_session.c in Digium Asterisk through 13.38.1; 14.x, 15.x, and 16.x through 16.16.0; 17.x through 17.9.1; and 18.x through 18.2.0, and Certified Asterisk through 16.8-cert5. An SDP negotiation vulnerability in PJSIP allows a remote server to potentially crash...

5.9 CVSS · 6 AI score · 0.02547 EPSS
Exploits: 0 · References: 1
Positive Technologies
added 2020/05/05 12:0 a.m. · 3 views

PT-2020-2236 · Cisco · Snort +3

Name of the Vulnerable Software and Affected Versions: Cisco IOS versions prior to the fixed version; Cisco Firepower Threat Defense versions prior to the fixed version; Cisco Firepower Management Center versions prior to the fixed version.

Description: The issue is related to errors in how the Snor...

8.6 CVSS · 5.8 AI score · 0.02367 EPSS
Exploits: 0 · References: 40
RedHat Linux
added 2018/08/16 2:50 p.m. · 1 view

tomcat-native: Mishandled OCSP responses can allow clients to authenticate with revoked certificates

When using pre-produced responses from an OCSP responder, Tomcat Native did not correctly validate the status of certificates. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to authenticate with revoked certificates when using mutual...

7.4 CVSS · 7.1 AI score · 0.04199 EPSS
Exploits: 0 · References: 6
OSV
added 2016/04/18 12:59 a.m. · 2 views

DEBIAN-CVE-2016-1503

dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 and other products, mismanages option lengths, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a malform...

9.8 CVSS · 8 AI score · 0.06344 EPSS
Exploits: 0 · References: 1
BDU FSTEC
added 2016/02/24 12:0 a.m. · 4 views

Vulnerability of browsers Internet Explorer and Microsoft Edge, allowing hackers to replace web pages

The vulnerabilities of Internet Explorer and Microsoft Edge exist due to deficiencies in the implementation of HTTP responses. Exploiting these vulnerabilities allows a malicious actor to replace websites using a specially crafted URL...

4.3 CVSS · 6.7 AI score · 0.09964 EPSS
Exploits: 0 · References: 3 · Affected Software: 1
CNVD
added 2016/02/11 12:0 a.m. · 1 view

Microsoft Internet Explorer Spoofing Vulnerability

Microsoft Internet Explorer is a popular web browser introduced by Microsoft and bundled with the Windows operating system. A spoofing vulnerability exists because Microsoft Internet Explorer 9 through 11 and Microsoft Edge misparse HTTP responses, which allows remote attackers to spoof Web sites via ...

4.3 CVSS · 6.4 AI score · 0.09964 EPSS
Exploits: 0 · References: 1