18 matches found

OSV
added 2 days ago, 3 views

ALPINE-CVE-2026-44172

MariaDB server is a community developed fork of MySQL server. In versions 3.3.18 and 3.4.8, an application that was taking non-validated user input, escaping it with mysql_real_escape_string and sending it to the database using text protocol and big5 character set was vulnerable to SQL injections,...

CVSS 6.9, AI score 5.5, EPSS 0.0003
Exploits: 0, References: 1
NVD
added 2 days ago, 6 views

CVE-2026-44172

MariaDB server is a community developed fork of MySQL server. In versions 3.3.18 and 3.4.8, an application that was taking non-validated user input, escaping it with mysql_real_escape_string and sending it to the database using text protocol and big5 character set was vulnerable to SQL injections,...

CVSS 6.9, EPSS 0.0003
Exploits: 0, References: 2
EUVD
added 2 days ago, 5 views

EUVD-2026-36517

MariaDB server is a community developed fork of MySQL server. In versions 3.3.18 and 3.4.8, an application that was taking non-validated user input, escaping it with mysql_real_escape_string and sending it to the database using text protocol and big5 character set was vulnerable to SQL injections,...

CVSS 6.9, AI score 5.5, EPSS 0.0003
Exploits: 0, References: 2
OpenVAS
added 2025/11/17 12:00 a.m., 4 views

Mageia: Security Advisory (MGASA-2025-0298)

The remote host is missing an update for the...

CVSS 4.7, AI score 6.8, EPSS 0.00755
Exploits: 0, References: 5
OSV
added 2025/11/06 12:58 p.m., 1 view

BIT-GOLANG-2025-61724 Excessive CPU consumption in Reader.ReadResponse in net/textproto

The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...

CVSS 5.3, AI score 6.9, EPSS 0.00023
Exploits: 0, References: 6
Mageia
added 2025/11/04 4:13 p.m., 10 views

Updated golang packages fix security vulnerabilities

Insufficient validation of bracketed IPv6 hostnames in net/url. CVE-2025-47912 Unbounded allocation when parsing GNU sparse map in archive/tar. CVE-2025-58183 Parsing DER payload can cause memory exhaustion in encoding/asn1. CVE-2025-58185 Lack of limit when parsing cookies can cause memory...

CVSS 7.5, AI score 6.8, EPSS 0.00044
Exploits: 0, References: 2
Microsoft CVE
added 2025/09/04 6:51 a.m., 1 view

Excessive resource consumption in net/http, net/textproto and mime/multipart

...

CVSS 7.5, AI score 9.3, EPSS 0.00071
Exploits: 0
Tenable Nessus
added 2022/12/18 12:00 a.m., 39 views

GLSA-202212-01 : curl: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202212-01 curl: Multiple Vulnerabilities - When curl is instructed to download content using the metalink feature, the contents is verified against a hash provided in the metalink XML file. The metalink XML file points out to the...

CVSS 9.8, AI score 7.5, EPSS 0.03367
Exploits: 23, References: 33
OSV
added 2021/08/05 9:15 p.m., 1 view

ALPINE-CVE-2021-22925

curl supports the -t command line option, known as CURLOPT_TELNETOPTIONS in libcurl. This rarely used option is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based...

CVSS 5.3, AI score 7, EPSS 0.00233
Exploits: 1, References: 1
OSV
added 2021/06/11 4:15 p.m., 28 views

CVE-2021-22898

curl 7.7 through 7.76.1 suffers from an information disclosure when the -t command line option, known as CURLOPT_TELNETOPTIONS in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on...

CVSS 3.1, AI score 6.6, EPSS 0.00092
Exploits: 1, References: 14
curl security advisories
added 2021/05/26 8:00 a.m., 3 views

TELNET stack contents disclosure

curl supports the -t command line option, known as CURLOPT_TELNETOPTIONS in libcurl. This rarely used option is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack bas...

CVSS 3.1, AI score 6.8, EPSS 0.00092
Exploits: 1, References: 1, Affected Software: 2
OSV
added 2021/05/26 8:00 a.m., 7 views

CURL-CVE-2021-22898 TELNET stack contents disclosure

curl supports the -t command line option, known as CURLOPT_TELNETOPTIONS in libcurl. This rarely used option is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack bas...

CVSS 3.1, AI score 5.1, EPSS 0.00092
Exploits: 1
OSV
added 2019/07/03 4:15 p.m., 2 views

CVE-2018-11421

Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary monitoring protocol that does not provide confidentiality, integrity, and authenticity security controls. All information is sent in plain text, and can be intercepted and modified. The protocol is vulnerable to...

CVSS 9.8, AI score 5.8, EPSS 0.00851
Exploits: 0, References: 1
FreeBSD
added 2018/08/28 12:00 a.m., 288 views

bro -- array bounds and potential DOS issues

Corelight reports: Bro 2.5.5 primarily addresses security issues: Fix array bounds checking in BinPAC: for arrays that are fields within a record, the bounds check was based on a pointer to the start of the record rather than the start of the array field, potentially resulting in a buffer...

AI score 1.1
Exploits: 0, References: 1
ThreatPost
added 2016/10/04 1:16 p.m., 14 views

Vulnerabilities in Insulin Pumps Can Lead to Overdose

Patients who use insulin pumps made by Johnson & Johnson are being warned this week that vulnerabilities in the devices could be exploited to trigger an overdose. The bugs exist in OneTouch Ping, a medical device made by Animas Corp. – a subsidiary of Johnson & Johnson – which allows diabetic...

AI score 0.2
Exploits: 0, References: 8
securityvulns
added 2014/05/05 12:00 a.m., 137 views

SEC Consult SA-20140411-0 :: Multiple vulnerabilities in Plex Media Server

SEC Consult Vulnerability Lab Security Advisory 20140411-0 ======================================================================= title: Multiple vulnerabilities product: Plex Media Server vulnerable version: confirmed in 0.9.9.10 fixed version: none impact: High homepage: http://www.plex.tv...

AI score 0.7
Exploits: 0
ThreatPost
added 2011/09/26 7:30 p.m., 14 views

DHS Thinks Some SCADA Problems Are Too Big To Call "Bug"

The Stuxnet worm may be the most famous piece of malicious software ever written. When it was first detected, a little over a year ago, the worm sounded a warning to nations around the world that critical infrastructure systems were potential targets of attack for foreign governments and cyber...

Exploits: 0, References: 6
0day.today
added 2011/05/29 12:00 a.m., 32 views

Trojan Last Door v6 (Latest version) Denial of service

Exploit for windows platform in category dos / poc / LostDoor v6 Remote Denial Of Service Author: Kevin R.V Date: 2011 License: Totally free 8- Some information: The protocol used by LastDoor v6 is a simple clear text protocol with a delimiter, that's a normal packet to connect v1ct1m\AS/My...

AI score 7
Exploits: 0