UBUNTU-CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

EUVD-2020-7681

Malware in sbrugna...

OESA-2025-1779 nbdkit security update

NBD Network Block Device is a protocol for accessing Block Devices hard disks and disk-like things over a Network. nbdkit is a toolkit for creating NBD servers. The key features are: Multithreaded NBD server written in C with good performance. Minimal dependencies for the basic server. Liberal...

CVE-2024-44821

ZZCMS 2023 contains a vulnerability in the captcha reuse logic located in /inc/function.php. The checkyzm function does not properly refresh the captcha value after a failed validation attempt. As a result, an attacker can exploit this flaw by repeatedly submitting the same incorrect captcha...

Open5GS 安全漏洞

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a denial-of-service vulnerability that stems from the gmmstateexception function mishandling a specific response error, which can be exploited by an...

CVE-2024-56726 octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2mboxgetrsp errors in cn10k.c Add error pointer check after calling otx2mboxgetrsp...

CVE-2024-56725 octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2mboxgetrsp errors in otx2dcbnl.c Add error pointer check after calling otx2mboxgetrsp...

ROS-2-1571

2.1571 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

CVE-2023-3462

A flaw was found in the HashiCorp Vault. The Vault and Vault Enterprise “Vault” LDAP auth method allows unauthenticated users to potentially enumerate valid accounts in the configured LDAP system by observing the response error when querying usernames...

SUSE-SU-2023:0362-1 Security update for grafana

This update for grafana fixes the following issues: - Version update from 8.5.13 to 8.5.15 jscPED-2617: CVE-2022-39306: Security fix for privilege escalation bsc1205225 CVE-2022-39307: Omit error from http response when user does not exists bsc1205227 CVE-2022-39201: Do not forward login cookie i...

ROS-20220929-01

BIND DNS server vulnerability is related to boundary conditions when reusing HTTP connection when requesting statistics from a statistics channel. Exploitation of the vulnerability could allow an attacker, acting remotely, using a managed DNS server to cause a read error outside the boundary...

Red Hat Undertow 安全漏洞

Red Hat Undertow is a Java-based embedded web server from Red Hat, Inc. and is the default web server for Wildfly Java Application Server. A security vulnerability exists in Red Hat Undertow that stems from an EAP 7 response to a double AJP 400 resulting in a CPING failure...

ROS-2-2047

2.2047 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

HawkScan - Security Tool For Reconnaissance And Information Gathering On A Website

Security Tool for Reconnaissance and Information Gathering on a website. python 2.x & 3.x This script use "WafW00f" to detect the WAF in the first step https://github.com/EnableSecurity/wafw00f This script use "Sublist3r" to scan subdomains https://github.com/aboul3la/Sublist3r This script use...

Thomson Reuters Concourse Firm Central 2.13.0097 - Directory Traversal Local File Inclusion

Thomson Reuters Concourse Firm Central 2.13.0097 - Directory Traversal Local File Inclusion ''' Exploit Title: Thomson Reuters Concourse & Firm Central 2.13.0097 - Directory Traversal & Local File Inclusion Date: 02/13/2019 Exploit Author: 0v3rride Vendor Homepage:...

SAP Sybase Adaptive Server Enterprise 'probe' login security bypass vulnerability

SAP Sybase Adaptive Server Enterprise ASE is a relational database management system from SAP. The system can be used in data-intensive environments and is characterized by high speed and stable performance. A security bypass vulnerability exists in SAP Sybase ASE. Due to an error in the...

Apple Safari 'javascript: URI' XSS Vulnerability (Sep 2009)

Apple Safari Web Browser is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Mozilla Seamonkey Multiple Vulnerabilities (Jun 2009) - Linux

Seamonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2009-1250

The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58, and IBM AFS 3.6 before Patch 19, on Linux allows remote attackers to cause a denial of service system crash via an RX response with a large error-code value that is interpreted as a pointer and dereferenced,...