Amazon Linux 2023 : docker (ALAS2023-2026-1736)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1736 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...

Important: golang

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

CVE-2026-45184

A flaw was found in Kdenlive. This vulnerability allows an attacker to use dangerous proxy parameters when a user opens a specially crafted project file. Successful exploitation could lead to arbitrary code execution or information disclosure on the affected system...

EUVD-2026-28946

Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...

Linux Distros Unpatched Vulnerability : CVE-2026-45184

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used. CVE-2026-45184 Note that Nessus relies on the presen...

DEBIAN-CVE-2026-45184

Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...

CVE-2026-45184

Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...

UBUNTU-CVE-2026-45184

Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...

CVE-2026-45184

Kdenlive has a vulnerability in versions prior to 26.04.1 where dangerous proxy parameters can be introduced via an attacker-controlled project file. The issue affects handling of proxies within the project file, with potential impacts to confidentiality and integrity (per CVSS: LOCAL, HIGH impac...

CVE-2026-45184

Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...

CVE-2026-45184

Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...

CVE-2026-45184

Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...

CVE-2026-45184

Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...

Kdenlive 安全漏洞

Kdenlive is a video editing software from the Kdenlive organization that supports multi-track editing with rich effects processing. A security vulnerability exists in Kdenlive versions prior to 26.04.1 that stems from allowing dangerous proxy parameters when using an attacker-controlled project...

PT-2026-39422

Name of the Vulnerable Software and Affected Versions Kdenlive versions prior to 26.04.1 Description An issue exists where the software allows the injection of dangerous proxy parameters when a project file controlled by an attacker is used. Recommendations Update to version 26.04.1...

D-Link DI-7300G+ 命令注入漏洞

D-Link DI-7300G+ is a ruggedized enterprise-grade smart gateway from China AUO D-Link. A command injection vulnerability exists in the D-Link DI-7300G+ version 19.12.25A1, which stems from the incorrect operation of the parameters proxysrv, proxylanport, proxylanip, and proxysrvport in the file...

D-Link Di-7200G Command Injection Vulnerability (CNVD-2022-15187)

D-Link Di-7200G is a gigabit enterprise router from China Youxun D-Link. D-Link DI-7200GV2.E1 v21.04.09E1 is vulnerable to command injection, which can be exploited by attackers to execute arbitrary commands via the proxysrv, proxysrvport, proxylanip, proxylanport parameters...

The vulnerability of the proxyclient.asp implementation in the D-Link DI-7200G V2.E1 router microprogramming system allows a hacker to execute arbitrary commands.

The vulnerability of the proxyclient.asp implementation in D-Link DI-7200G V2.E1 microprogramming software is related to insufficient cleaning of input data during the processing of parameters proxysrv, proxysrvport, proxylanip, and proxylanport. Exploiting this vulnerability allows a remote...

D-Link Di-7200G 命令注入漏洞

D-Link Di-7200G is a gigabit enterprise router from China Youxun D-Link. D-Link DI-7200GV2.E1 v21.04.09E1 is vulnerable to command injection, which can be exploited by attackers to execute arbitrary commands via the proxysrv, proxysrvport, proxylanip, proxylanport parameters...