20 matches found
CVE-2026-45856
RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend...
net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd()
...
GHSA-CHQC-8P9Q-PQ6Q basic-ftp has FTP Command Injection via CRLF
Summary basic-ftp version 5.2.0 allows FTP command injection via CRLF sequences \r\n in file path parameters passed to high-level path APIs such as cd, remove, rename, uploadFrom, downloadTo, list, and removeDir. The library's protectWhitespace helper only handles leading spaces and returns other...
PT-2026-23564
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.14 Description The BlueBubbles extension in OpenClaw contains a local file inclusion issue in how media paths are handled. This allows attackers to read arbitrary files from the local filesystem. The...
Arbitrary Command Injection
Overview bitcoinrb is an implementation of Bitcoin Protocol for Ruby Affected versions of this package are vulnerable to Arbitrary Command Injection via the send function in rpc/httpserver.rb, which runs as part of the experimental SPV node feature. An attacker can execute arbitrary system comman...
atm: atmtcp: Free invalid length skb in atmtcp_c_send().
...
WordPress plugin myCred 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site scripting...
kernel: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send()
In the Linux kernel, the following vulnerability has been resolved: bnxten: Adjust logging of firmware messages in case of released token in hwrmsend In case of token is released due to token-state == BNXTHWRMDEFERRED, released token set to NULL is used in log messages. This issue is expected to ...
PT-2023-21086 · Peplink · Peplink Surf Soho
Name of the Vulnerable Software and Affected Versions: peplink Surf SOHO HW1 version 6.3.5 Description: An OS command injection issue exists in the admin.cgi USSD send functionality. A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request...
OESA-2023-1701 dsoftbus security update
Security Fixes: Buffer Overflow vulnerability in coapsend function in libcoap library 4.3.1-103-g52cfd56 fixed in 4.3.1-120-ge242200 allows attackers to obtain sensitive information via malformed pdu.CVE-2023-30362...
OESA-2023-1702 dsoftbus security update
Security Fixes: Buffer Overflow vulnerability in coapsend function in libcoap library 4.3.1-103-g52cfd56 fixed in 4.3.1-120-ge242200 allows attackers to obtain sensitive information via malformed pdu.CVE-2023-30362...
PT-2023-22653 · Libcoap +1 · Libcoap +1
Name of the Vulnerable Software and Affected Versions: libcoap library versions 4.3.1-103-g52cfd56 through 4.3.1-119 Description: The issue is related to a Buffer Overflow vulnerability in the coap send function. This vulnerability allows attackers to obtain sensitive information via a malformed...
PT-2022-36576 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.299 Description: A potential memory leak was identified in the nfcmrvl i2c nci send function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...
PT-2022-36454 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.224 Description: A potential memory leak was identified in the s3fwrn5 nci send function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior...
PT-2022-28271 · Phpxmlrpc · Phpxmlrpc
Name of the Vulnerable Software and Affected Versions: phpxmlrpc affected versions not specified Description: The issue concerns argument injection via local file access in the Client:send function. This is achieved through manipulation of the $protocol argument. Recommendations: At the moment,...
Upgraded Q -> M from 180 [1655579854185]
Judge has assessed an item in Issue 180 as Medium risk. The relevant finding follows: Use of send might fail in the future send only forward 2300 gas which may break when gas cost change in a future ETH upgrade see: function withdrawAll public payable onlyOwner...
SapporoWorks Black JumboDog 2.6.4/2.6.5 HTTP Proxy Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3858/info Black JumboDog 2.6.4 and 2.6.5 HTTP proxy is vulnerable to an exploitable buffer overflow. The buffer overflow can be exploited by sending excessively long expires, if-modified-since, and LastModified strings...
OpenSSL <= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS
No description provided by source. / cve-2009-1378.c OpenSSL = 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 In dtls1processoutofseqmessage the check if the...
Wordpress 2.7.0 admin remote code execution vulnerability-vulnerability warning-the black bar safety net
by Ryatpuretot mail: puretot at gmail dot com team: http://www.80vul.com date: 2008-12-18 Analysis: This vulnerability out in the background: wp-admin/post.php if currentusercan'editpost', $postID if $last = wpcheckpostlock $post-ID $lastuser = getuserdata $last ; $lastusername = $lastuser ?...
0irc-client 1345 build20060823 - Denial of Service
/ 0irc-client v1345 build 20060823 DoS Exploit By DiGitalX [email protected] Date: 22/3/2007 -- MicroSystem Team -- Site: http://DiGitalX.I.am Description: 0irc-client suffers from a NULL pointer derefrencing bug. / define WIN32LEANANDMEAN include include include include pragma commentlib,...