
22 matches found

EUVD
added 2026/06/18 5:34 a.m. | 10 views

EUVD-2026-37845

The PressPrimer Quiz – AI Quiz Maker, Exam Builder & LMS Assessment Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.3.0 via the 'ruleid' parameter due to missing validation on a user controlled key. This makes it possible for...

4.3 CVSS | 5.1 AI score | 0.0026 EPSS
Exploits: 0 | References: 16

CVE
added 2026/06/11 6:31 p.m. | 9 views

CVE-2026-47189

CVE-2026-47189 — Quest Bot AutoMod removal: The issue affects Quest Bot (Discord bot) prior to version 1.0.5, where the AutoMod remove flow looks up and deletes rules by a global database ID without verifying that the rule belongs to the guild where the command runs. An attacker can learn a vict...

8.3 CVSS | 5.5 AI score | 0.00307 EPSS
Exploits: 0 | References: 2

Positive Technologies
added 2026/04/25 12:00 a.m. | 10 views

PT-2026-37187

Name of the Vulnerable Software and Affected Versions: Heimdall versions prior to 0.17.14 Description: Heimdall performs host matching in a case-sensitive manner, which conflicts with the case-insensitive nature of HTTP hostnames. This discrepancy allows a request host that differs only in letter...

7.8 CVSS | 5.8 AI score | 0.00301 EPSS
Exploits: 0 | References: 11

Positive Technologies
added 2026/04/25 12:00 a.m. | 9 views

PT-2026-37188

Name of the Vulnerable Software and Affected Versions: Heimdall versions prior to 0.17.14 Description: Heimdall performs rule matching on the raw request path, whereas downstream components may normalize dot-segments according to RFC 3986. This discrepancy allows for the authorization of a request...

7.8 CVSS | 5.8 AI score | 0.00368 EPSS
Exploits: 0 | References: 13

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2018-5853

Malware in sbrugna...

7.8 CVSS | 7.7 AI score | 0.00211 EPSS
Exploits: 0 | References: 2

OSV
added 2025/10/01 12:15 p.m. | 1 views

UBUNTU-CVE-2023-53492

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: do not ignore genmask when looking up chain by id When adding a rule to a chain referring to its ID, if that chain had been deleted on the same batch, the rule might end up referring to a deleted chain. This...

7.8 CVSS | 5.8 AI score | 0.00153 EPSS
Exploits: 0 | References: 8

OSV
added 2025/09/09 5:16 p.m. | 2 views

CVE-2025-57061

Tenda G3 v3.0brV15.11.0.17 was discovered to contain multiple stack overflows in the formIPMacBindModify function via the ruleId, ip, mac, v6 and remark parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request...

7.5 CVSS | 5.8 AI score | 0.00456 EPSS
Exploits: 1 | References: 1

Positive Technologies
added 2025/09/09 12:00 a.m. | 3 views

PT-2025-36787

Name of the Vulnerable Software and Affected Versions: Tenda G3 version 3.0br V15.11.0.17 Description: The Tenda G3 version 3.0br V15.11.0.17 contains multiple stack overflows in the formIPMacBindModify function. These overflows occur via the ruleId, ip, mac, v6, and remark parameters. A crafted...

7.5 CVSS | 6.6 AI score | 0.00456 EPSS
Exploits: 1 | References: 3

Cvelist
added 2025/09/09 12:00 a.m. | 6 views

CVE-2025-57061

Tenda G3 v3.0brV15.11.0.17 was discovered to contain multiple stack overflows in the formIPMacBindModify function via the ruleId, ip, mac, v6 and remark parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request...

0.00456 EPSS
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/22 12:53 p.m. | 7 views

CVE-2018-13919

Use-after-free vulnerability will occur if reset of the routing table encounters an invalid rule id while processing command to reset in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in...

7.8 CVSS | 7.2 AI score | 0.00211 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 4:31 a.m. | 11 views

CVE-2019-14047

While IPA driver processes route add rule IOCTL, there is no input validation of the rule ID prior to adding the rule to the IPA HW commit list in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...

7.8 CVSS | 9.4 AI score | 0.00212 EPSS
Exploits: 0 | References: 1

SUSE CVE
added 2025/03/16 2:49 a.m. | 3 views

SUSE CVE-2024-52812

LF Edge eKuiper is an internet-of-things data analytics and stream processing engine. Prior to version 2.0.8, a user with rights to modify the service (e.g. kuiperUser role) can inject a cross-site scripting payload into the rule id parameter. Then, after any user with access to this service e.g...

5.4 CVSS | 6.2 AI score | 0.00313 EPSS
Exploits: 0 | References: 3

CNNVD
added 2025/03/10 12:00 a.m. | 3 views

LF Edge eKuiper cross-site scripting vulnerability

LF Edge eKuiper is an edge lightweight IoT data analytics software from LF Edge open source. A cross-site scripting vulnerability exists in LF Edge eKuiper versions prior to 2.0.8, which originates from a user with Modify Service privileges being able to inject a cross-site scripting payload into...

5.4 CVSS | 5.7 AI score | 0.00313 EPSS
Exploits: 0 | References: 10

CNNVD
added 2024/09/17 12:00 a.m. | 3 views

Sentry security vulnerability

Sentry is a developer-oriented bug tracking and performance monitoring platform from Sentry Open Source. A security vulnerability exists in Sentry versions 23.4.0 and earlier and 24.8.0 and earlier, which stems from the fact that an authenticated user can use a known rule ID to mute the alert rul...

7.1 CVSS | 6.4 AI score | 0.00358 EPSS
Exploits: 0 | References: 4

OSV
added 2024/01/22 12:47 p.m. | 3 views

CLSA-2024-1705927642 kernel: Fix of 7 CVEs

netsched: clsroute: remove from list when handle is 0 CVE-2022-2588 - netfilter: nftables: do not allow RULEID to refer to another chain CVE-2022-2586 - netfilter: nftables: do not allow SETID to refer to another table CVE-2022-2586 - netfilter: nftables: prevent OOB access in nftbyteordereval...

7.8 CVSS | 7.1 AI score | 0.12746 EPSS
Exploits: 17 | References: 1

Japan Vulnerability Notes
added 2020/08/31 12:00 a.m. | 58 views

JVN#42665874: "Shadankun Server Security Type" vulnerable to denial-of-service (DoS)

"Shadankun Server Security Type" provided by Cyber Security Cloud, Inc. contains a denial-of-service (DoS) vulnerability. When "Rule id"s assigned by the product's internal script overlap, it would not be able to add newly detected attack source IP addresses as the blocking targets (CWE-703). The...

7.5 CVSS | 7.4 AI score | 0.01296 EPSS
Exploits: 0

Prion
added 2020/06/22 7:15 a.m. | 14 views

Input validation

While IPA driver processes route add rule IOCTL, there is no input validation of the rule ID prior to adding the rule to the IPA HW commit list in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...

7.2 CVSS | 7.7 AI score | 0.00212 EPSS
Exploits: 0 | References: 2

NVD
added 2019/06/14 5:29 p.m. | 25 views

CVE-2018-13919

Use-after-free vulnerability will occur if reset of the routing table encounters an invalid rule id while processing command to reset in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in...

7.8 CVSS | 7.8 AI score | 0.00211 EPSS
Exploits: 0 | References: 1

Cisco Threats
added 2016/08/30 2:22 p.m. | 24 views

Threat Outbreak Alert RuleID24699: Email Messages Distributing Malicious Software on August 30, 2016

Medium Alert ID: 48660 First Published: 2016 August 30 14:22 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID24699 may contain the following files: Name |...

Exploits: 0

myhack58
added 2016/08/18 12:00 a.m. | 36 views

Cisco fixes the vulnerabilities disclosed by Shadow Brokers and releases a technical analysis - vulnerability warning - the black bar safety net

I. Event summary: On August 15, 2016, a hacking group calling itself "The Shadow Brokers" claimed to have broken into the computer systems of the Equation Group, a hacking organization, and to have successfully stolen a large amount of confidential information and hacker...

1.7 AI score
Exploits: 0