95 matches found
EUVD-2022-33970
Malicious code in bioql PyPI...
Malicious code in service-stack (npm)
The package service-stack was found to contain malicious code...
MAL-2025-33012 Malicious code in service-stack (npm)
The package service-stack was found to contain malicious code...
KB5062799: Servicing stack update for Windows 10, version 1607 and Windows Server 2016: July 8, 2025
KB5062799: Servicing stack update for Windows 10, version 1607 and Windows Server 2016: July 8, 2025 Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates o...
Security Bulletin: Multiple vulnerabilities found in IBM TXSeries for Multiplatforms.
Summary IBM TXSeries for Multiplatforms has been updated in order to address multiple vulnerabilities CVE-2024-12243, CVE-2024-12133, CVE-2024-8176. Vulnerability Details CVEID:CVE-2024-12243 DESCRIPTION: A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an...
CVE-2025-5472
The CVE-2025-5472 entry concerns run-llama/llama_index’s JSONReader. Versions prior to 0.12.38 are vulnerable to a stack overflow/DoS via uncontrolled recursive JSON parsing when processing deeply nested structures. Root cause is unsafe recursive traversal with no depth validation, causing Recurs...
External Control of File Name or Path
Overview ServiceStack.Text is a set of JSON, JSV and CSV text serializers Affected versions of this package are vulnerable to External Control of File Name or Path in the url parameter to the GetErrorResponse method. An attacker can relay NTLM credentials in the context of the current user by...
CVE-2025-6444
ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability. This vulnerability allows remote attackers to relay NTLM credentials on affected installations of ServiceStack. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
CVE-2024-42986
Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the PPPOEPassword parameter in the fromAdvSetWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...
CVE-2024-42940
Tenda FH1201 v1.2.0.14 408 was discovered to contain a stack overflow via the page parameter in the fromP2pListFilter function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...
CVE-2024-51013
Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the RADIUSAddr%dwla parameter at wireless.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...
CVE-2023-38532
A vulnerability has been identified in Parasolid V34.1 All versions V34.1.258, Parasolid V35.0 All versions V35.0.254, Parasolid V35.1 All versions V35.1.171, Teamcenter Visualization V14.1 All versions V14.1.0.11, Teamcenter Visualization V14.2 All versions V14.2.0.6, Teamcenter Visualization...
CVE-2022-25050
rtl433 21.12 was discovered to contain a stack overflow in the function somfyiohcdecode. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted file...
CVE-2022-24159
Tenda AX3 v16.03.12.10CN was discovered to contain a stack overflow in the function formSetPPTPServer. This vulnerability allows attackers to cause a Denial of Service DoS via the startIp and endIp parameters...
CVE-2022-24153
Tenda AX3 v16.03.12.10CN was discovered to contain a stack overflow in the function formAddMacfilterRule. This vulnerability allows attackers to cause a Denial of Service DoS via the devName parameter...
CVE-2020-25853
The function CheckMic in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 up to and excluding 2.08 does not validate the size parameter for an internal function, rtmd5hmacveneer or rthmacsha1veneer, resulting in a stack buffer over-read which can be exploited for denial ...
CVE-2020-36366
Stack overflow vulnerability in parsevalue Cesanta MJS 1.20.1, allows remote attackers to cause a Denial of Service DoS via a crafted file...
CVE-2019-16536
Stack overflow leading to DoS can be triggered by a malicious authenticated client in Clickhouse before 19.14.3.3...
PT-2025-22128
Name of the Vulnerable Software and Affected Versions DNSdist versions prior to 1.9.10 Description In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a...
RHEL 8 : Red Hat Product OCP Tools 4.13 Openshift Jenkins (RHSA-2025:2222)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2222 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...