18 matches found
Amazon Linux 2023 : docker (ALAS2023-2026-1736)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1736 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...
Important: golang
Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...
CVE-2026-45184
A flaw was found in Kdenlive. This vulnerability allows an attacker to use dangerous proxy parameters when a user opens a specially crafted project file. Successful exploitation could lead to arbitrary code execution or information disclosure on the affected system...
EUVD-2026-28946
Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...
Linux Distros Unpatched Vulnerability : CVE-2026-45184
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used. CVE-2026-45184 Note that Nessus relies on the presen...
DEBIAN-CVE-2026-45184
Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...
CVE-2026-45184
Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...
UBUNTU-CVE-2026-45184
Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...
CVE-2026-45184
Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...
CVE-2026-45184
Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...
CVE-2026-45184
Kdenlive has a vulnerability in versions prior to 26.04.1 where dangerous proxy parameters can be introduced via an attacker-controlled project file. The issue affects handling of proxies within the project file, with potential impacts to confidentiality and integrity (per CVSS: LOCAL, HIGH impac...
CVE-2026-45184
Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...
CVE-2026-45184
Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...
PT-2026-39422
Name of the Vulnerable Software and Affected Versions Kdenlive versions prior to 26.04.1 Description An issue exists where the software allows the injection of dangerous proxy parameters when a project file controlled by an attacker is used. Recommendations Update to version 26.04.1...
Kdenlive 安全漏洞
Kdenlive is a video editing software from the Kdenlive organization that supports multi-track editing with rich effects processing. A security vulnerability exists in Kdenlive versions prior to 26.04.1 that stems from allowing dangerous proxy parameters when using an attacker-controlled project...
D-Link DI-7300G+ 命令注入漏洞
D-Link DI-7300G+ is a ruggedized enterprise-grade smart gateway from China AUO D-Link. A command injection vulnerability exists in the D-Link DI-7300G+ version 19.12.25A1, which stems from the incorrect operation of the parameters proxysrv, proxylanport, proxylanip, and proxysrvport in the file...
D-Link Di-7200G Command Injection Vulnerability (CNVD-2022-15187)
D-Link Di-7200G is a gigabit enterprise router from China Youxun D-Link. D-Link DI-7200GV2.E1 v21.04.09E1 is vulnerable to command injection, which can be exploited by attackers to execute arbitrary commands via the proxysrv, proxysrvport, proxylanip, proxylanport parameters...
D-Link Di-7200G 命令注入漏洞
D-Link Di-7200G is a gigabit enterprise router from China Youxun D-Link. D-Link DI-7200GV2.E1 v21.04.09E1 is vulnerable to command injection, which can be exploited by attackers to execute arbitrary commands via the proxysrv, proxysrvport, proxylanip, proxylanport parameters...