20 matches found
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed an DFS traversal error without CONFIGCIFSDFSUPCALL. When compiled with CONFIGCIFSDFSUPCALL disabled, cifsdfsdautomount is NULL. The logic for mapping CIFSFATTRDFSREFERRAL attributes to SAUTOMOUNT and corresponding...
CVE-2026-35633 OpenClaw < 2026.3.22 - Unbounded Memory Allocation via Remote Media Error Responses
OpenClaw before 2026.3.22 contains an unbounded memory allocation vulnerability in remote media HTTP error handling that allows attackers to trigger excessive memory consumption. Attackers can send crafted HTTP error responses with large bodies to remote media endpoints, causing the application t...
GHSA-4QWC-C7G9-4XCW OpenClaw: Remote media error responses could trigger unbounded memory allocation before failure
Summary Remote media HTTP error bodies were read without a hard size cap before failure handling, allowing unbounded allocation on error responses. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2...
OpenClaw: Remote media error responses could trigger unbounded memory allocation before failure
Summary Remote media HTTP error bodies were read without a hard size cap before failure handling, allowing unbounded allocation on error responses. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2...
CVE-2025-13726 IBM Sterling Partner Engagement Manager Information Disclosure
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information when detailed technical error messages are returned. This information could be used in further attacks against the system...
EUVD-2023-59838
Malicious code in bioql PyPI...
CVE-2023-53246
In the Linux kernel, the following vulnerability has been resolved: cifs: fix DFS traversal oops without CONFIGCIFSDFSUPCALL When compiled with CONFIGCIFSDFSUPCALL disabled, cifsdfsdautomount is NULL. cifs.ko logic for mapping CIFSFATTRDFSREFERRAL attributes to SAUTOMOUNT and corresponding dentry...
DEBIAN-CVE-2023-53246
In the Linux kernel, the following vulnerability has been resolved: cifs: fix DFS traversal oops without CONFIGCIFSDFSUPCALL When compiled with CONFIGCIFSDFSUPCALL disabled, cifsdfsdautomount is NULL. cifs.ko logic for mapping CIFSFATTRDFSREFERRAL attributes to SAUTOMOUNT and corresponding dentry...
UBUNTU-CVE-2023-53246
In the Linux kernel, the following vulnerability has been resolved: cifs: fix DFS traversal oops without CONFIGCIFSDFSUPCALL When compiled with CONFIGCIFSDFSUPCALL disabled, cifsdfsdautomount is NULL. cifs.ko logic for mapping CIFSFATTRDFSREFERRAL attributes to SAUTOMOUNT and corresponding dentry...
CVE-2023-53246
CVE-2023-53246 (Linux kernel, CIFS DFS upcall) : When CONFIG_CIFS_DFS_UPCALL is disabled, cifs_dfs_d_automount becomes NULL and the CIFS DFS referral handling can trigger a NULL pointer dereference in VFS follow_automount() while traversing a DFS referral. The fix adds an inline cifs_dfs_d_automo...
EulerOS 2.0 SP11 : git (EulerOS-SA-2025-1356)
According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Git is a source code management tool. When cloning from a server or fetching, or pushing, informational or error messages are transported from the...
kernel: cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL
In the Linux kernel, the following vulnerability has been resolved: cifs: fix DFS traversal oops without CONFIGCIFSDFSUPCALL When compiled with CONFIGCIFSDFSUPCALL disabled, cifsdfsdautomount is NULL. cifs.ko logic for mapping CIFSFATTRDFSREFERRAL attributes to SAUTOMOUNT and corresponding dentry...
CVE-2023-31048
The OPC UA .NET Standard Reference Server before 1.4.371.86. places sensitive information into an error message that may be seen remotely...
OPC UA .NET Standard Reference Server Security Vulnerability
OPC UA .NET Standard Reference Server is a specialized server from the OPC Foundation of America used during the development and testing of the Unified Architecture UA CTT Compliance Testing Tool. A security vulnerability exists in OPC UA .NET Standard Reference Server versions prior to 1.4.371.8...
SUSE CVE-2011-3670
Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before 3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls through a proxy and...
CVE-2019-14958
JetBrains PyCharm before 2019.2 was allocating a buffer of unknown size for one of the connection processes. In a very specific situation, it could lead to a remote invocation of an OOM error message because of Uncontrolled Memory Allocation...
Apache Tomcat 9.0.x < 9.0.0.M21 Remote Error Page Manipulation
Binary data 700701.pasl...
PHP Double Release Vulnerability
PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...
vBulletin vBay <=1.1.9 Error-Based SQL Injection
Exploit for php platform in category web applications !/usr/bin/env python -W ignore::DeprecationWarning """ VBay input variable "type" being assigned with the datatype NOHTML. Using this data type allows malicious attacks to still be executed. At line 448, it is used within the insert into...
UltraVNC 1.0.1 - Multiple Remote Error Logging Buffer Overflow Vulnerabilities (2)
source: https://www.securityfocus.com/bid/17378/info UltraVNC is susceptible to multiple error-logging remote buffer-overflow vulnerabilities. These issues are due to the application's failure to properly bounds-check user-supplied input before copying it to insufficiently sized memory buffers. A...