135 matches found
CVE-2026-57433
Storable versions before 3.41 for Perl have a signed integer overflow when deserializing a crafted SXHOOK record. retrievehookcommon reads a signed 32-bit item count from an SXHOOK record and calls avextend with that count plus one. A count of I32MAX wraps the addition to a negative value. A...
CVE-2026-57433
CVE-2026-57433 affects Perl’s Storable before 3.41. A signed 32-bit item count read from an SX_HOOK record is added to one and then fed to av_extend; when the count equals I32_MAX the addition overflows to negative, causing av_extend to panic during thaw/retrieve and terminate deserialization. Mu...
CVE-2026-57433 Storable versions before 3.41 for Perl have a signed integer overflow when deserializing a crafted SX_HOOK record
Storable versions before 3.41 for Perl have a signed integer overflow when deserializing a crafted SXHOOK record. retrievehookcommon reads a signed 32-bit item count from an SXHOOK record and calls avextend with that count plus one. A count of I32MAX wraps the addition to a negative value. A...
PT-2026-57824
Name of the Vulnerable Software and Affected Versions Storable versions prior to 3.41 Description A signed integer overflow occurs during the deserialization of a specially crafted SX HOOK record. The function retrieve hook common reads a signed 32-bit item count and passes it to av extend after...
CVE-2026-32961
SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in packet data processing of sxsmpd. Processing a crafted packet may cause a temporary denial-of-service DoS condition...
VulnCheck KEV: CVE-2025-55748
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 4.2-milestone-2 through 16.10.6, configuration files are accessible through jsx and sx endpoints. It's possible to access and read configuration files by using URLs such as...
EUVD-2018-17783
Malware in sbrugna...
EUVD-2005-2137
Malware in sbrugna...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986432)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986432 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Fix bounds check for sx controls For sx controls the semantics of the max field is not...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986879)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986879 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Fix bounds check for sx controls For sx controls the semantics of the max field is not...
EUVD-2024-28091
Malicious code in bioql PyPI...
EUVD-2025-26643
Malicious code in bioql PyPI...
EUVD-2024-28090
Malicious code in bioql PyPI...
CVE-2025-55748
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 4.2-milestone-2 through 16.10.6, configuration files are accessible through jsx and sx endpoints. It's possible to access and read configuration files by using URLs such as...
Relative Path Traversal
Overview Affected versions of this package are vulnerable to Relative Path Traversal via the resource parameter in the jsx and sx endpoints. An attacker can access and read sensitive configuration files by crafting URLs with "../" sequence that traverse directories. Remediation Upgrade...
CVE-2025-55748 XWiki Platform's configuration files can be accessed through jsx and sx endpoints
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 4.2-milestone-2 through 16.10.6, configuration files are accessible through jsx and sx endpoints. It's possible to access and read configuration files by using URLs such as...
CVE-2025-55748
Affected product : XWiki Platform. Vulnerability : path traversal through the jsx and sx endpoints that allows remote attackers to read configuration files. Root cause : improper access control enabling traversal to read files like WEB-INF/xwiki.cfg. Versions affected : 4.2-milestone-2 through 16...
Malicious code in @zalastax/nolb-react-sx (npm)
The package @zalastax/nolb-react-sx was found to contain malicious code...
Malicious code in @zalastax/nolb-node-sx (npm)
The package @zalastax/nolb-node-sx was found to contain malicious code...
MAL-2025-13792 Malicious code in @zalastax/nolb-react-sx (npm)
The package @zalastax/nolb-react-sx was found to contain malicious code...