4 matches found
USN-8348-1: GoBGP vulnerabilities
It was discovered that GoBGP incorrectly handled certain specially crafted BGP UPDATE messages. A remote attacker could possibly use this issue to cause GoBGP to crash, resulting in a denial of service. CVE-2026-37461 Yanlei Wang discovered that GoBGP incorrectly handled certain malformed BGP...
Cross-site Scripting (XSS)
Overview tarteaucitronjs is a package that provides compliance to the European cookie law. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to missing sanitization of the services attributes value. Details Cross-site scripting or XSS is a code vulnerability that...
The vulnerability of the serviceattrreq and processrequest functions (sdpd-request.c) in the Bluetooth protocol stack for the Linux BlueZ operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the serviceattrreq and processrequest functions sdpd-request.c in the Bluetooth protocol stack for the Linux BlueZ operating system arises from writing beyond buffer boundaries. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality,...
smb-enum-services NSE Script
Retrieves the list of services running on a remote Windows system. Each service attribute contains service name, display name and service status of each service. Note: Modern Windows systems requires a privileged domain account in order to list the services. References: Script Arguments randomsee...