29 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-31432
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix OOB write in QUERYINFO for compound requests When a compound request such as READ + QUERYINFOSecurity is received, and the first command READ consume...
EUVD-2018-19823
Malware in sbrugna...
EUVD-2022-2160
Malicious code in bioql PyPI...
BIT-POWERSHELL-2020-1108
A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an under-reference of requests in ublk when handling recovery and redistribution...
USN-7181-1 salt vulnerability
It was discovered that Salt incorrectly handled web requests when the SSH client was enabled. An attacker could possibly use this issue to achieve remote code execution or obtain sensitive information...
CVE-2024-12828
CVE-2024-12828 affects Webmin CGI handling, where unsanitized user input in CGI requests leads to command injection and remote code execution in the root context. The issue arises from improper validation before executing system calls. Public sources (including NVD, OSV, CIRCL, and related adviso...
Cisco IOS XE Software 安全漏洞
Cisco IOS XE Software is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that originates from...
The vulnerability of the GLPI system’s handling of requests and incidents arises from the improper neutralization of input data during the generation of web pages. This allows attackers to carry out XSS attacks.
The vulnerability in the GLPI request and incident handling system relates to the improper elimination of input data during the generation of web pages. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...
The vulnerability of the GLPI system’s request and incident handling process, related to incorrect input cancellation during the generation of web pages, allows a perpetrator to execute arbitrary code.
The vulnerability of the GLPI system for handling requests and incidents is related to incorrect neutralization of input data during the generation of the web page. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially crafted RTF format data...
The vulnerability of the Lib/webbrowser.py component in the Python programming language allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the Lib/webbrowser.py component of the Python interpreter is related to insufficient neutralization of special elements in requests. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...
UBUNTU-CVE-2022-37392
Improper Check for Unusual or Exceptional Conditions vulnerability in handling the requests to Apache Traffic Server. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...
The vulnerability of the GLPI system’s handling of requests and incidents, related to the failure to protect the SQL query structure, allows attackers to execute arbitrary SQL queries.
The vulnerability of the GLPI system’s handling of requests and incidents is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...
The vulnerability of the GLPI system’s request and incident handling capabilities, related to the lack of measures taken to protect the website structure, allows attackers to carry out cross-site scripting attacks.
The vulnerability of the GLPI system for handling requests and incidents is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
CVE-2016-10833
cPanel before 55.9999.141 mishandles username-based blocking for PRE requests in cPHulkd SEC-104...
USN-4046-1 irssi vulnerabilities
It was discovered that Irssi incorrectly handled certain disconnections. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. CVE-2018-7054 It was discovered that Irssi incorrectly handled certain requests. An...
CVE-2019-0869
A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Apache HTTP Server vulnerabilities (USN-3937-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3937-1 advisory. Charles Fol discovered that the Apache HTTP Server incorrectly handled the scoreboard shared memory area. A remote attacker able ...
CVE-2019-6602
In BIG-IP 11.5.1-11.5.8 and 11.6.1-11.6.3, the Configuration Utility login page may not follow best security practices when handling a malicious request...
The vulnerability of the software platform for the Cisco RV180W multi-functional router and the Cisco Small Business RV220W network security gateway allows a intruder to disclose or modify protected information.
The vulnerability in the code of the software platform for the Cisco RV180W multi-functional router and the Cisco Small Business RV220W wireless network security gateway lies in improper cleaning of data entered by users in HTTP requests. Exploiting this vulnerability allows a malicious actor to...