a-api-server (=1.3.0), a2 (>=0.1.0 <=0.3.17) +3857 more potentially affected by CVE-2026-27205 via flask (>=0.10.1 <=3.1.2)

flask PYPI version =0.10.1, =0.1.0, =0.10.0, =1.0.2, =1.0.0, =1.0.5, =1.8.8, =1.0.2, =0.3.1, =0.8.44.4, =1.3.1.post1 and more Source cves: CVE-2026-27205 Source advisory: OSV:GHSA-68RP-WP8R-4726...

abilian-sbe (>=1.1.0 <=1.1.12), acfx (>=0.3.1 <=0.3.7.dev1) +687 more potentially affected by CVE-2025-66221 +1 more via werkzeug (>=3.0.0 <=3.1.4)

werkzeug PYPI version =3.0.0, =1.1.0, =0.3.1, =4.11.0, =1.0.0, =0.1.3, =0.2.4.1, =0.0.1, =1.3.0, =0.1.0, =0.1.1, =0.5.7, =0.1.0, =0.1.0, =1.0.0, =1.1.0a20250428 and more Source cves: CVE-2025-66221, CVE-2026-21860 Source advisory: SNYK:PYTHON-WERKZEUG-14908843...

EUVD-2018-10100

Malware in sbrugna...

BIT-MONGODB-2025-6706 Running certain aggregation operations with the SBE engine may lead to unexpected behavior on MongoDB Server

An authenticated user may trigger a use after free that may result in MongoDB Server crash and other unexpected behavior, even if the user does not have authorization to shut down a server. The crash is triggered on affected versions by issuing an aggregation framework operation using a specific...

CVE-2025-6706 Running certain aggregation operations with the SBE engine may lead to unexpected behavior on MongoDB Server

An authenticated user may trigger a use after free that may result in MongoDB Server crash and other unexpected behavior, even if the user does not have authorization to shut down a server. The crash is triggered on affected versions by issuing an aggregation framework operation using a specific...

CVE-2025-6706

CVE-2025-6706 affects MongoDB Server when the SBE engine is enabled. An authenticated user can trigger a use-after-free via a specific aggregation pipeline pattern, potentially crashing the server and causing other unexpected behavior without needing shutdown privileges. Affected versions are Mon...

Running certain aggregation operations with the SBE engine may lead to unexpected behavior on MongoDB Server

An authenticated user may trigger a use after free that may result in MongoDB Server crash and other unexpected behavior, even if the user does not have authorization to shut down a server. The crash is triggered on affected versions by issuing an aggregation framework operation using a specific...

MongoDB -- Running certain aggregation operations with the SBE engine may lead to unexpected behavior

[email protected] reports: An authenticated user may trigger a use after free that may result in MongoDB Server crash and other unexpected behavior, even if the user does not have authorization to shut down a server. The crash is triggered on affected versions by issuing an aggregation framework...

FreeBSD : MongoDB -- Running certain aggregation operations with the SBE engine may lead to unexpected behavior (5e64770c-52aa-11f0-b522-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 5e64770c-52aa-11f0-b522-b42e991fc52e advisory. [email protected] reports: An authenticated user may trigger a use after free that may result in MongoDB...

a4t-sale-discount (=5.0.2), abilian-sbe (=1.0.5) +1599 more potentially affected by CVE-2022-29361 via werkzeug (>=0.10.1 <=2.1.0)

werkzeug PYPI version =0.10.1, =0.10.3, =0.8.44.4, =4.2.0, =0.4.0, =0.9.2, =0.1.0, =0.1.1, =0.1.0rc3, =0.0.3, =0.1.0, =2022.9.19, =2023.12.31 and more Source cves: CVE-2022-29361 Source advisory: OSV:PYSEC-2022-203...

CVE-2021-20487

IBM Power9 Self Boot EngineSBE could allow a privileged user to inject malicious code and compromise the integrity of the host firmware bypassing the host firmware signature verification process...

Code injection

IBM Power9 Self Boot EngineSBE could allow a privileged user to inject malicious code and compromise the integrity of the host firmware bypassing the host firmware signature verification process...

CVE-2021-20487

CVE-2021-20487 affects IBM Power9 Self Boot Engine (SBE). The SBE vulnerability could let a privileged user inject malicious code and compromise the integrity of the host firmware by bypassing the host firmware signature verification process. Affects IBM Power Systems with Power9 SBE, with remedi...

CVE-2021-20487

IBM Power9 Self Boot EngineSBE could allow a privileged user to inject malicious code and compromise the integrity of the host firmware bypassing the host firmware signature verification process...

CVE-2020-5821

Symantec Endpoint Protection (SEP) and SEP SBE on Windows are affected by a DLL injection vulnerability (CVE-2020-5821) in versions prior to 14.2 RU2 MP1 (SEP) and prior to 14.2.5569.2100 (SEP SBE). The issue allows an attacker to run code in place of legitimate code; impact is high across confid...

Symantec Endpoint Protection Multiple Issues

SUMMARY Symantec has released updates to address issues that were discovered in the Symantec Endpoint Protection SEP, Symantec Endpoint Protection Manager SEPM, Symantec Endpoint Protection Small Business Edition SEP SBE and Symantec Mail Security for MS Exchange SMSMSE products. AFFECTED PRODUCT...

Sql injection

Norton Security Windows client prior to 22.16.3 and SEP SBE Windows client prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution an...

CVE-2018-18369

Norton Security Windows client prior to 22.16.3 and SEP SBE Windows client prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution an...

CVE-2018-18369

Norton Security Windows client prior to 22.16.3 and SEP SBE Windows client prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution an...

CVE-2018-18369

The CVE-2018-18369 entry describes a DLL Preloading vulnerability affecting Windows clients: Norton Security prior to 22.16.3 and SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, and SEP-12.1.7484.7002. Root cause is a DLL loading order issue that can allow an attacker to substitute a m...