DEBIAN-CVE-2026-13006

ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.35 in Java applications, allows an attacker to execute arbitrary code circumventing existing protections against CVE-2025-11226 by compromising an existing logback configuration...

Cross-site Scripting (XSS)

Overview phpmyfaq/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Cross-site Scripting XSS via the search.twig template and the process that decodes and renders user-supplied content without proper sanitization. An...

CVE-2018-13805

A vulnerability has been identified in SIMATIC ET 200SP Open Controller All versions = V2.0 and = V2.0 and = V2.0 and V2.5. An attacker can cause a denial-of-service condition on the network stack by sending a large number of specially crafted packets to the PLC. The PLC will lose its ability to...

UBUNTU-CVE-2018-1000204

Linux Kernel version 3.18 to 4.16 incorrectly handles an SGIO ioctl on /dev/sg0 with dxferdirection=SGDXFERFROMDEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in...