22115 matches found
CVE-2026-48851
PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxy authentication and the main session...
CVE-2026-48851
PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxy authentication and the main session...
CVE-2026-48851
PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxy authentication and the main session...
Security update for python312
This update for python312 fixes the following issues CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF bsc1261969. CVE-2026-4786: Incomplete mitigation of %action expansion for command injection to webbrowser.open bsc1262319. CVE-2026-6019: BaseCookie.jsoutput does not...
SUSE-SU-2026:2055-1 Security update for python312
This update for python312 fixes the following issues - CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF bsc1261969. - CVE-2026-4786: Incomplete mitigation of %action expansion for command injection to webbrowser.open bsc1262319. - CVE-2026-6019: BaseCookie.jsoutput does not...
EEF-CVE-2026-47071 SOCKS5 TLS upgrade ignores caller timeout in hackney
Summary Uncontrolled Resource Consumption vulnerability in benoitc hackney allows Flooding. The SOCKS5 transport in src/hackneysocks5.erl correctly applies the caller-supplied timeout to the SOCKS5 negotiation phase, but then upgrades the connection to TLS using the two-argument form ssl:connect/...
Security update for rsync
This update for rsync fixes the following issues CVE-2026-29518: Symlink-Race TOCTOU in Daemon bsc1264511. CVE-2026-43617: Authorization Bypass via Hostname Resolution bsc1264515. CVE-2026-43618: Integer Overflow Information Disclosure bsc1264512. CVE-2026-43620: Out-of-Bounds Array Read via...
SUSE-SU-2026:2048-1 Security update for rsync
This update for rsync fixes the following issues - CVE-2026-29518: Symlink-Race TOCTOU in Daemon bsc1264511. - CVE-2026-43617: Authorization Bypass via Hostname Resolution bsc1264515. - CVE-2026-43618: Integer Overflow Information Disclosure bsc1264512. - CVE-2026-43620: Out-of-Bounds Array Read...
Exploit for CVE-2026-47102
CVE-2026-47102 – LiteLLM Privilege Escalation via /user/updat...
CVE-2026-9462
Technical details are not publicly available in the provided documents. Monitor for updates from vendors and CVE repositories.
CVE-2026-9462 Edimax EW-7438RPn formWpsProxyEnable stack-based overflow
A vulnerability was detected in Edimax EW-7438RPn 1.31. Affected by this vulnerability is the function formWpsProxyEnable of the file /goform/formWpsProxyEnable. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be launched remotely. The exploit is...
EUVD-2026-31682
A vulnerability was detected in Edimax EW-7438RPn 1.31. Affected by this vulnerability is the function formWpsProxyEnable of the file /goform/formWpsProxyEnable. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be launched remotely. The exploit is...
CVE-2026-9462
A vulnerability was detected in Edimax EW-7438RPn 1.31. Affected by this vulnerability is the function formWpsProxyEnable of the file /goform/formWpsProxyEnable. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be launched remotely. The exploit is...
Exploit for CVE-2026-47101
CVE-2026-47101 — LiteLLM Privilege Escalation via /key/genera...
MAL-2026-4754 Malicious code in heims (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33e7dda6f116113ebe2bd1ae1ec5238d66f8ada8a87e69a90e49aac1f4eb3f57 The package's WechatUtil.gettoken in src/heims/utils/wechat/wechatutil.py hardcodes a POST to https://token.zhangjianpeng.cn/ with md5appid and...
Zimbra Collaboration Suite - SSRF
Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x before 8.8.11 patch 3 allows SSRF via the ProxyServlet component. id: CVE-2019-9621 info: name: Zimbra Collaboration Suite - SSRF author: riteshs4hu severity: high description: |...
Edimax EW-7438RPn 安全漏洞
Edimax EW-7438RPn is a wireless signal extender from Taiwan, China-based Edimax. A security vulnerability exists in the Edimax EW-7438RPn version 1.31, which originates from the parameter submit-url operation of the function formWpsProxyEnable in the file /goform/formWpsProxyEnable, and may resul...
PT-2026-43123
Name of the Vulnerable Software and Affected Versions PuTTY versions 0.77 through 0.83 Description The software uses a copy of the PuTTY icon to indicate trust for TELNET data. However, the trust status is not cleared between the proxy authentication phase and the main session, which may lead to...
Security update for nginx (important)
openSUSE security update: security update for nginx ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20784-1 Rating: important References: bsc1257675 bsc1260416 bsc1260417 bsc1260418 bsc1260419 Cross-References: CVE-2026-1642 CVE-2026-27654...
Alibaba Cloud Linux 3 : 0124: libsoup (ALINUX3-SA-2026:0124)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0124 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-5119: A flaw was found in libsoup. When...