81 matches found
CVE-2026-33489
CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the transfer plugin can select the wrong ACL stanza when both a parent zone and a more-specific subzone are configured. The longestMatch function in plugin/transfer/transfer.go uses a lexicographic string comparison instead...
CoreDNS security vulnerability
CoreDNS is a DNS server within the CoreDNS community. Versions of CoreDNS prior to 1.14.3 contained a security vulnerability. This vulnerability stemmed from the tsig plugin’s trust transfer writer, which relied on TsigStatus for verification instead of performing its own validation. This allowed...
Spring gRPC AuthenticationException messages are reflected to remote client
The raw message of every server-side AuthenticationException is returned to the unauthenticated remote caller in the gRPC status description. This allows an attacker to obtain information about the authentication failure, which may be useful for further attacks. Affected versions: Spring gRPC:...
OpenPrinting CUPS security vulnerability
OpenPrinting CUPS is an open-source printing system developed by OpenPrinting Inc., suitable for Linux® and other Unix®-based operating systems. OpenPrinting CUPS versions 2.4.16 and earlier contain security vulnerabilities. These vulnerabilities stem from the RSS notification program, which allo...
EUVD-2026-7462
free5GC UDR is the user data repository (UDR) for free5GC, an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.1, the NEF component reliably leaks internal parsing error details (e.g., invalid character 'n' after top-level value) to remote clients...
CVE-2025-69250
free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.1, the service reliably leaks detailed internal error messages (e.g., strconv.ParseInt parsing errors) to remote clients when processi...
Hibernate Reactive security vulnerability
Hibernate Reactive is a reactive API interface provided by the Hibernate company. There is a security vulnerability in Hibernate Reactive, which stems from the ability of remote clients to prematurely close HTTP connections. This could lead to the leakage of database connection pools, potentially...
Siemens SIMATIC Devices and SCALANCE Improper Certificate Validation (CVE-2024-41996)
Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers from the client side to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource...
EUVD-2016-2999
Malware in sbrugna...
EUVD-2004-0883
Malware in sbrugna...
EUVD-2024-48397
Malicious code in bioql PyPI...
EUVD-2022-24964
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-22466
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows...
CVE-2024-7479
CVE-2024-7479 affects TeamViewer for Windows prior to 15.58.4. A flaw in the cryptographic signature verification during VPN driver installation via TeamViewer_service.exe allows a local, unprivileged user to elevate privileges by loading an arbitrary kernel driver. Impact is privilege escalation...
CVE-2024-7479 Improper signature verification of VPN driver installation in TeamViewer Remote Clients
Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior to version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install...
CVE-2024-7481 Improper signature verification of Printer driver installation in TeamViewer Remote Clients
Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior to version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and...
squid: denial of service in HTTP header parser
A flaw was found in Squid. This issue may allow a remote client or remote server to trigger a denial of service when sending oversized headers in HTTP messages...