EUVD-2026-10332

Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it receives. Once a certain number of leaked sockets is reached, blocklistd becomes unable to run the helper script: a child process is forked, but this child dereferences a null pointer and crashes...

CVE-2026-2261 blocklistd(8) socket leak

Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it receives. Once a certain number of leaked sockets is reached, blocklistd becomes unable to run the helper script: a child process is forked, but this child dereferences a null pointer and crashes...

EUVD-2005-3118

Malware in sbrugna...

Citrix Access Gateway - Logout script configured with UNC path is failed to execute with an error 2 upon logging off from VPN plugin

In the below VPN log snppet, we can see that the Proxy Server configuration and Logout Script configured are pushed once the user has established the VPN session. Once the user has logged out from VPN plugin, the Logout script should get executed and clear the proxy server configuration from...

CVE-2020-3403

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to inject a command to the underlying operating system that will execute with root privileges upon the next reboot of the device. The authenticated user must have privileged EXEC permissions on the...

Comment Rating 2.9.23 Path Disclosure / SQL Injection

================================= Vulnerability ID: HTB22842 Reference: http://www.htbridge.ch/advisory/pathdisclosureincommentratingwordpressplugin.html Product: Comment Rating wordpress plugin Vendor: Bob King http://wealthynetizen.com/ Vulnerable Version: 2.9.23 Vendor Notification: 08 Februar...

UMI.CMS 2.8.1.2 Cross Site Scripting

==================================== Vulnerability ID: HTB22813 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinumicms1.html Product: UMI.CMS Vendor: umisoft http://www.umi-cms.ru/ Vulnerable Version: 2.8.1.2 Vendor Notification: 25 January 2011 Vulnerability Type: Stored XSS Cross...

Cambio 0.5a - Cross-Site Request Forgery

Vulnerability ID: HTB22768 Reference: http://www.htbridge.ch/advisory/xsrfcsrfincambio.html Product: Cambio Vendor: Joram van den Boezem http://www.cambiocms.org/ Vulnerable Version: 0.5a nightly r37 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: CSRF...

Eclime 1.1.2b - Multiple Vulnerabilities

Vulnerability ID: HTB22705 Reference: http://www.htbridge.ch/advisory/sqlinjectionineclime1.html Product: Eclime Vendor: www.eclime.com http://www.eclime.com/ Vulnerable Version: 1.1.2b Vendor Notification: 16 November 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor Alerted,...

Frog CMS 0.9.5 - Multiple Vulnerabilities

Frog CMS 0.9.5 - Multiple Vulnerabilities Vulnerability ID: HTB22685 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinfrogcms.html Product: Frog CMS Vendor: Philippe Archambault http://www.madebyfrog.com/ Vulnerable Version: 0.9.5 and probably prior versions Vendor Notification: 09 November...

XSS vulnerability in ATutor

Vulnerability ID: HTB22600 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinatutor1.html Product: ATutor Vendor: Inclusive Design Institute http://www.atutor.ca/ Vulnerable Version: 1.0 Vendor Notification: 01 September 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not...

XSS vulnerability in PortalApp

Vulnerability ID: HTB22443 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinportalapp2.html Product: PortalApp Vendor: Latek Vulnerable Version: 4.0 and Probably Prior Versions Vendor Notification: 14 June 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor...

gpEasy CMS 1.6.2 Cross Site Scripting

Vulnerability ID: HTB22370 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityingpeasycms.html Product: gpEasy CMS Vendor: gpeasy Vulnerable Version: 1.6.2 and Probably Prior Versions Vendor Notification: 05 May 2010 Vulnerability Type: XSS Cross Site Scripting Status: Fixed by Vendor Ris...

XSS vulnerability in NPDS REvolution

Vulnerability ID: HTB22365 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinnpdsrevolution.html Product: NPDS REvolution Vendor: NPDS Vulnerable Version: REvolution 10.02 and Probably Prior Versions Vendor Notification: 01 May 2010 Vulnerability Type: XSS Cross Site Scripting Status:...