188 matches found
Google Chrome Input Validation Error Vulnerability
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation. This vulnerability stemmed from insufficient input validation by Codecs, which could allow remote attackers to exploit cross-source data throug...
Security Bulletin: IBM Storage Protect Server is affected by vulnerabilities in IBM SDK, Java Technology Edition that could allow denial-of-service or information exposure in applications using the affected Java components.
Summary: IBM Storage Protect Server is affected by multiple vulnerabilities in IBM SDK, Java Technology Edition that may allow attackers to exploit weaknesses in certain Java components. These issues could lead to denial-of-service conditions or unintended information exposure in applications that rely...
EUVD-2019-5328
Malware in sbrugna...
EUVD-2006-5307
Malware in sbrugna...
EUVD-2021-21468
Malware in sbrugna...
EUVD-2025-4501
Malicious code in bioql PyPI...
KLA87341 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azure Bot Service can be exploited remotely to gain privileges. 2. An elevation ...
Security Vulnerability in Multiple Linksys Products
Linksys RE6250 and others are wireless extenders from Linksys USA. A security vulnerability exists in various Linksys products, which stems from a stack buffer overflow that could lead to a remote attack. The following products are affected: the RE6250, RE6300, RE6350, RE6500, RE7000, and RE9000...
Linux Distros Unpatched Vulnerability : CVE-2012-6550
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the clipText returned fr...
The vulnerability of the monitoring tool for VMware Aria Operations, related to the lack of protective measures for the website structure, allows attackers to execute cross-site scripting attacks (XSS).
The vulnerability of the monitoring tool for VMware Aria Operations is related to the lack of security measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting (XSS) attacks remotely...
HTTP Client Automatic Exploiter 2 (Browser Autopwn)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "HTTP Client Automatic Exploiter 2 Browser Autopwn", 'Description' = %q This module will automatically serve browser exploits. Here are the option...
EuroTel ETL3100 Radio Transmitter
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: EuroTel Equipment: ETL3100 Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Authorization Bypass Through User-Controlled Key,...
Rocky Linux 8 : rsyslog (RLSA-2022:4799)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:4799 advisory. - Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used...
Heap overflow
Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code...
CVE-2022-24903 Buffer overflow in TCP syslog server (receiver) components in rsyslog
Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code...
OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...
DEBIAN-CVE-2021-37986
Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page...
FreeBSD : MySQL -- Multiple vulnerabilities (38a4a043-e937-11eb-9b84-d4c9ef517024)
Oracle reports: This Critical Patch Update contains 41 new security patches for Oracle MySQL. 10 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials. The highest CVSS v3.1 Base Score of...
Omron CX-One
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Omron Equipment: CX-One Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The...
Industrial Networks See Sharp Uptick in Hackable Security Holes
It’s on: Adversaries, CISOs and researchers are all simultaneously involved in a frantic race to find cybersecurity vulnerabilities hiding within industrial networks, according to the latest Biannual ICS Risk and Vulnerability report from Claroty. The report analyzed all publicly disclosed...