CVE-2018-21097

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects WAC505 before 5.0.5.4, WAC510 before 5.0.5.4, WAC120 before 2.1.7, WN604 before 3.3.10, WNAP320 before 3.7.11.4, WNAP210v2 before 3.7.11.4, WNDAP350 before 3.7.11.4, WNDAP360 before...

EUVD-2022-4955

Malicious code in bioql PyPI...

PT-2025-29634

Name of the Vulnerable Software and Affected Versions Oracle MySQL versions 8.0.0 through 8.0.42 Oracle MySQL versions 8.4.0 through 8.4.5 Oracle MySQL versions 9.0.0 through 9.3.0 Description A difficult-to-exploit issue exists in the MySQL Client component mysqldump of Oracle MySQL. Successful...

CVE-2025-2443

CVE-2025-2443 describes a cross-site-scripting (XSS) vulnerability and content security policy bypass in GitLab Enterprise Edition (EE) under specific conditions. Affected versions are GitLab EE 16.6 prior to 17.9.7, 17.10 prior to 17.10.5, and 17.11 prior to 17.11.1. The provided connected docum...

CVE-2025-5334

CVE-2025-5334 affects Devolutions Remote Desktop Manager across Windows, macOS, Android, and iOS. The issue is a private information exposure in the user vaults component where, under certain conditions, entries edited by their owners can be moved from user vaults to shared vaults, making private...

CVE-2025-4979

CVE-2025-4979 affects GitLab CE/EE prior to specific fixed versions (17.10.7, 17.11.3, 18.0.1) where an attacker can disclose masked or hidden CI variables in the WebUI by creating their own variable and inspecting the HTTP response. The root cause is not detailed beyond the disclosure behavior; ...

CVE-2025-30177 Apache Camel: Camel-Undertow Message Header Injection via Improper Filtering

Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...

CVE-2025-30162

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who use Gateway API for Ingress for some services and use LB-IPAM or BGP for LB Service implementation and use network policies to block egress traffic from workloads in a namespace to...

GHSA-W6RX-9G2X-MG5G Drupal core contains a potential PHP Object Injection vulnerability

Drupal core contains a potential PHP Object Injection vulnerability that if combined with another exploit could lead to Remote Code Execution. It is not directly exploitable. This issue is mitigated by the fact that in order for it to be exploitable, a separate vulnerability must be present to...

CVE-2019-7475

A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8...