11 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: HID: bpf: preventing buffer overflow in hidhwrequest. Currently, the returned value is considered to be always valid. However, when working with HID-BPF, the returned value can be arbitrarily large, because it is the returned val...
EUVD-2026-28510
Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall performs rule matching on the raw non-normalized request path, while downstream components may normalize dot-segments according to RFC 3986, Section 6.2.2.3. This discrepancy ca...
CVE-2026-31401
In the Linux kernel, the following vulnerability has been resolved: HID: bpf: prevent buffer overflow in hidhwrequest right now the returned value is considered to be always valid. However, when playing with HID-BPF, the return value can be arbitrary big, because it's the return value of...
CVE-2026-31401 HID: bpf: prevent buffer overflow in hid_hw_request
In the Linux kernel, the following vulnerability has been resolved: HID: bpf: prevent buffer overflow in hidhwrequest right now the returned value is considered to be always valid. However, when playing with HID-BPF, the return value can be arbitrary big, because it's the return value of...
Server-Side Request Forgery (SSRF)
local-deep-research is vulnerable to Server-Side Request ForgerySSRF. The vulnerability is due to the download service using raw requests.get without applying SSRF protections, which allows an attacker to submit malicious URLs to access internal services, cloud metadata endpoints, or perform...
EUVD-2025-204778
Local Deep Research is Vulnerable to Server-Side Request Forgery SSRF in Download Service...
Local Deep Research is Vulnerable to Server-Side Request Forgery (SSRF) in Download Service
Summary The download service downloadservice.py makes HTTP requests using raw requests.get without utilizing the application's SSRF protection saferequests.py. This can allow attackers to access internal services and attempt to reach cloud provider metadata endpoints AWS/GCP/Azure, as well as...
GHSA-9C54-GXH7-PPJC Local Deep Research is Vulnerable to Server-Side Request Forgery (SSRF) in Download Service
Summary The download service downloadservice.py makes HTTP requests using raw requests.get without utilizing the application's SSRF protection saferequests.py. This can allow attackers to access internal services and attempt to reach cloud provider metadata endpoints AWS/GCP/Azure, as well as...
nuclei2xray
Nuclei2Xray A tool written in Go language, used to convert Nu...
CVE-2021-1425
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance SMA could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because confidential information is bei...
[Full-Disclosure] DoS in Webbsyte Chat 0.9.0
Donato Ferrante Application: Webbsyte Chat http://sourceforge.net/projects/wchat/ Version: 0.9.0 Bug: Denial Of Service Date: 02-Aug-2004 Author: Donato Ferrante e-mail: [email protected] web: www.autistici.org/fdonato xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx 1...