4483 matches found
CentSDR 安全漏洞
CentSDR is a handheld software-defined radio receiver open-sourced by ttfrftech. There is a security vulnerability in CentSDR, which stems from a stack overflow issue in the Thread1 function...
tornado-python: Tornado: Denial of Service via large multipart bodies
A flaw was found in tornado-python. A remote attacker can exploit this vulnerability by sending a specially crafted, very large multipart body with numerous parts. Because the parsing of these large bodies occurs synchronously on the main thread, it can consume excessive resources, leading to a...
EUVD-2026-22249
.NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...
CVE-2026-2450
.NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...
EUVD-2026-22248
Improper neutralization of argument delimiters in a command 'argument injection' vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...
CVE-2026-2449
Improper neutralization of argument delimiters in a command 'argument injection' vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...
CVE-2026-2450
CVE-2026-2450 concerns a .NET misconfiguration in upKeeper Solutions’ upKeeper Instant Privilege Access, enabling impersonation that hijacks a Privileged Thread of Execution. Affected product: upKeeper Instant Privilege Access up to version 1.5.0. The CVSS 4.0 vector indicates NETWORK attack vect...
CVE-2026-2450
.NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...
CVE-2026-2450
.NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...
CVE-2026-2450
.NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...
CVE-2026-2449
CVE-2026-2449 affects upKeeper Instant Privilege Access (upKeeper Solutions) up to version 1.5.0. The issue is described as improper neutralization of argument delimiters in a command (argument injection) vulnerability, enabling hijacking of a privileged thread of execution. CVSS4 base score is 9...
CVE-2026-2449
Improper neutralization of argument delimiters in a command 'argument injection' vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...
CVE-2026-2449
Improper neutralization of argument delimiters in a command 'argument injection' vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...
SUSE CVE-2026-5795
In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable. Upon returning from the initial checks, there are conditions that cause an early return from the JASPIAuthenticator code without clearing those ThreadLocals. A subsequent reques...
GHSA-CQ8V-F236-94QC Rand is unsound with a custom logger using rand::rng()
It has been reported by @lopopolo that the rand library is unsound i.e. that safe code using the public API can cause Undefined Behaviour when all the following conditions are met: - The log and threadrng features are enabled - A custom logger is defined - The custom logger accesses rand::rng...
Rand is unsound with a custom logger using rand::rng()
It has been reported by @lopopolo that the rand library is unsound i.e. that safe code using the public API can cause Undefined Behaviour when all the following conditions are met: - The log and threadrng features are enabled - A custom logger is defined - The custom logger accesses rand::rng...
PT-2026-32623
.NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...
upKeeper Instant Privilege Access 安全漏洞
UpKeeper Instant Privilege Access is a privilege management system developed by the Swedish company UpKeeper. Versions of UpKeeper Instant Privilege Access prior to 1.5.0 contained security vulnerabilities. These vulnerabilities were caused by improper parameter separators in commands, which coul...
RHEL 8 : perl:5.32 (RHSA-2026:8096)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:8096 advisory. Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fixes: perl: Perl...
Moderate: perl:5.32 security update
Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fixes: perl: Perl threads have a working directory race condition where file operations may target unintended paths CVE-2025-40909 For more details about the security...