1848 matches found
CVE-2021-22201
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9. A specially crafted import file could read files on the server...
CVE-1999-0526
An X server's access control is disabled e.g. through an "xhost +" command and allows anyone to connect to the server...
CVE-1999-0455
The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly...
CVE-2024-2462
Allow attackers to intercept or falsify data exchanges between the client and the server...
[SECURITY] Fedora 43 Update: nginx-mod-modsecurity-1.0.4-5.fc43
The ModSecurity-nginx connector is the connection point between nginx and libmodsecurity ModSecurity v3. Said another way, this project provides a communication channel between nginx and libmodsecurity. This connector is required to use LibModSecurity with nginx. The ModSecurity-nginx connector...
EUVD-2025-205431
IBM Db2 Intelligence Center 1.1.0, 1.1.1, 1.1.2 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of server-side security mechanisms...
CVE-2025-59789
CVE-2025-59789: Apache bRPC’s json2pb component (uses rapidjson) is vulnerable to stack/exhaustion via deeply recursive JSON input, causing server crashes. Affected: bRPC
Incorrect Implementation of Authentication Algorithm
Overview: Affected versions of this package are vulnerable to Incorrect Implementation of Authentication Algorithm. An attacker can gain unauthorized access to another user's account by leveraging a specially crafted email address when switching authentication methods and sending a request to the...
kernel: sunrpc: fix handling of server side tls alerts
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix handling of server side tls alerts. Scott Mayhew discovered a security exploit in NFS over TLS in tls_alert_recv() due to its assumption it can read data from the msg iterator's kvec. kTLS implementation splits TLS non-da...
SUSE-SU-2025:3755-1 Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002350 fixes several issues. The following security issues were fixed: - CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534). - CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns...
EUVD-2025-35650
Client-Side Enforcement of Server-Side Security (CWE-602) in the Command Centre Server allows a privileged operator to enter invalid competency data, bypassing expiry checks. This issue affects Command Centre Server: 9.30 prior to vEL9.30.2482 MR2, 9.20 prior to vEL9.20.2819 MR4, 9.10 prior to...
TencentOS Server 3: gnutls (TSSA-2025:0814)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0814 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
EUVD-2017-3758
Malware in sbrugna...
EUVD-2018-3800
Malware in sbrugna...
EUVD-2018-0307
Malware in sbrugna...
EUVD-2014-6571
Malware in sbrugna...
EUVD-1999-0864
Malware in sbrugna...
EUVD-2001-0250
Malware in sbrugna...
EUVD-2021-16674
Malware in sbrugna...
EUVD-2007-3090
Malware in sbrugna...