57 matches found
PT-2025-46177
Name of the Vulnerable Software and Affected Versions Tenda AC18 version 15.03.05.05 multi Description A stack-based buffer overflow issue exists in Tenda AC18 version 15.03.05.05 multi. The issue is located in the guestSsid parameter of the /goform/WifiGuestSet API endpoint. Sending oversized da...
EUVD-2017-15524
Malware in sbrugna...
EUVD-2003-0784
Malware in sbrugna...
EUVD-2021-2064
Malware in sbrugna...
EUVD-2017-1524
Malware in sbrugna...
EUVD-2004-1841
Malware in sbrugna...
EUVD-2025-6527
Malicious code in bioql PyPI...
EUVD-2024-53850
Malicious code in bioql PyPI...
DEBIAN-CVE-2025-38140
In the Linux kernel, the following vulnerability has been resolved: dm: limit swapping tables for devices with zone write plugs dmrevalidatezones only allowed new or previously unzoned devices to call blkrevalidatediskzones. If the device was already zoned, disk-nrzones would always equal...
Important: amazon-cloudwatch-agent
Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...
Amazon Linux 2023 : amazon-cloudwatch-agent (ALAS2023-2025-968)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-968 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which...
CVE-2025-32959
CUBA Platform is a high level framework for enterprise applications development. Prior to version 7.2.23, the local file storage implementation does not restrict the size of uploaded files. An attacker could exploit this by uploading excessively large files, potentially causing the server to run...
CVE-2025-32952 io.jmix.localfs:jmix-localfs affected by DoS in the Local File Storage
Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, the local file storage implementation does not restrict the size of uploaded files. An attacker could exploit this by uploading excessively large files...
Azure Linux 3.0 Security Update: coredns / ig / keda (CVE-2025-29786)
The version of coredns / ig / keda installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-29786 advisory. - Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if th...
Memory Exhaustion in Expr Parser with Unrestricted Input
Impact If the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of the expression. In scenarios where input size isn’t limited, a malicious or inadvertent extremely large expression c...
CVE-2025-29786
Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of the expression. In scenarios wher...
CVE-2025-29786 Memory Exhaustion in Expr Parser with Unrestricted Input
Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of the expression. In scenarios wher...
CVE-2025-29786
Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of the expression. In scenarios wher...
CVE-2025-29786 Memory Exhaustion in Expr Parser with Unrestricted Input
Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of the expression. In scenarios wher...
Ubuntu 24.04 LTS : Dovecot vulnerabilities (USN-6982-1)
The remote Ubuntu 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6982-1 advisory. It was discovered that Dovecot did not not properly have restrictions on ithe size of address headers. A remote attacker could possibly use this issue to...