CVE-2026-33691
The CVE-2026-33691 issue affects OWASP CRS prior to versions 3.3.9 and 4.25.0, where whitespace padding in filenames bypasses the file-extension checks for dangerous extensions (.php, .phar, .jsp, .jspx) because the extension regex is not applied after normalizing whitespace. The vulnerability is...
CVE-2026-33691 OWASP CRS: Whitespace padding in filenames bypasses file upload extension checks
The OWASP Core Rule Set (CRS) is a set of generic attack detection rules for use with compatible web application firewalls. Prior to versions 3.3.9 and 4.25.0, a bypass was identified in OWASP CRS that allows uploading files with dangerous extensions (.php, .phar, .jsp, .jspx) by inserting whitespace...
CVE-2026-34804
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the dscp parameter to /manage/qos/rules/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...
CVE-2026-34804
Endian Firewall
Improper Following of a Certificate's Chain of Trust
Overview Affected versions of this package are vulnerable to Improper Following of a Certificate's Chain of Trust in the TLS Client/Server authentication for database cluster connections. An attacker can gain unauthorized access to the cluster, read and modify sensitive data, escalate privileges,...
RuleForge: Automated Generation and Validation for Web Vulnerability Detection at Scale
Security teams face a challenge: the volume of newly disclosed Common Vulnerabilities and Exposures (CVEs) far exceeds the capacity to manually develop detection mechanisms. In 2025, the National Vulnerability Database published over 48,000 new vulnerabilities, motivating the need for automation. W...
PT-2026-29764
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the dscp parameter to /manage/qos/rules/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...
Rack security vulnerability
Rack is a modular Ruby web server interface developed by the Rack authors. Vulnerabilities exist in versions of Rack prior to 2.2.23, 3.1.21, and 3.2.6. These vulnerabilities stem from Rack::Static#applicable_rules' evaluation of header rules for PATH_INFO when the original URL is encoded. The underlyin...
PT-2026-29695
SEPPmail Secure Email Gateway before version 15.0.3 allows an external user to modify GINA webdomain metadata and bypass per-domain restrictions...
Endian Firewall cross-site scripting vulnerability
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall dscp parameter, which stems from improper handling of the dscp parameter in /manage/qos/rules/, and can be exploited by an attacker to inject malicious JavaScript...
PT-2026-29919
Summary: Rack::Static#applicable_rules evaluates several header_rules types against the raw URL-encoded PATH_INFO, while the underlying file-serving path is decoded before the file is served. As a result, a request for a URL-encoded variant of a static path can serve the same file without the heade...
Linux Distros Unpatched Vulnerability: CVE-2026-23402
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - KVM: x86/mmu: Only WARN in direct MMUs when overwriting shadow-present SPTE. Adjust KVM's sanity check against overwriting a shadow-present SPTE with another...
Rack::Static header_rules bypass via URL-encoded paths
Summary: Rack::Static#applicable_rules evaluates several header_rules types against the raw URL-encoded PATH_INFO, while the underlying file-serving path is decoded before the file is served. As a result, a request for a URL-encoded variant of a static path can serve the same file without the headers...
EUVD-2026-17818
A regression in the way hashes were calculated caused rules containing the address range syntax x.x.x.x - y.y.y.y that only differ in the address ranges involved to be silently dropped as duplicates. Only the first of such rules is actually loaded into pf. Ranges expressed using the...
CVE-2026-23402
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Only WARN in direct MMUs when overwriting shadow-present SPTE. Adjust KVM's sanity check against overwriting a shadow-present SPTE with another SPTE with a different target PFN to only apply to direct MMUs, i.e. on...
CVE-2026-4748
A regression in the way hashes were calculated caused rules containing the address range syntax x.x.x.x - y.y.y.y that only differ in the address ranges involved to be silently dropped as duplicates. Only the first of such rules is actually loaded into pf. Ranges expressed using the...
CVE-2026-4748 pf silently ignores certain rules
A regression in the way hashes were calculated caused rules containing the address range syntax x.x.x.x - y.y.y.y that only differ in the address ranges involved to be silently dropped as duplicates. Only the first of such rules is actually loaded into pf. Ranges expressed using the...
CVE-2026-4748
CVE-2026-4748 relates to FreeBSD pf: a regression in hash calculation causes rules using address range syntax (x.x.x.x - y.y.y.y) that differ only in the range to be dropped as duplicates, loading only the first such rule. Ranges in address[/mask-bits] syntax were not affected. Affected rules may...