3323 matches found
Allocation of Resources Without Limits or Throttling
Overview @openclaw/feishu is an OpenClaw Feishu/Lark channel plugin community maintained by @m1heng Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the installRequestBodyLimitGuard function in the Feishu webhook handler, which appli...
AVideo's WebSocket Token Never Expires Due to Commented-Out Timeout Validation in verifyTokenSocket()
Summary The verifyTokenSocket function in plugin/YPTSocket/functions.php has its token timeout validation commented out, causing WebSocket tokens to never expire despite being generated with a 12-hour timeout. This allows captured or legitimately obtained tokens to provide permanent WebSocket...
EUVD-2026-16719
AVideo's WebSocket Token Never Expires Due to Commented-Out Timeout Validation in verifyTokenSocket...
GHSA-2MG4-PFGX-64CF AVideo's WebSocket Token Never Expires Due to Commented-Out Timeout Validation in verifyTokenSocket()
Summary The verifyTokenSocket function in plugin/YPTSocket/functions.php has its token timeout validation commented out, causing WebSocket tokens to never expire despite being generated with a 12-hour timeout. This allows captured or legitimately obtained tokens to provide permanent WebSocket...
CVE-2026-34362
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the verifyTokenSocket function in plugin/YPTSocket/functions.php has its token timeout validation commented out, causing WebSocket tokens to never expire despite being generated with a 12-hour timeout. This allows...
CVE-2026-34362
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the verifyTokenSocket function in plugin/YPTSocket/functions.php has its token timeout validation commented out, causing WebSocket tokens to never expire despite being generated with a 12-hour timeout. This allows...
CVE-2026-34362
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the verifyTokenSocket function in plugin/YPTSocket/functions.php has its token timeout validation commented out, causing WebSocket tokens to never expire despite being generated with a 12-hour timeout. This allows...
CVE-2026-34362 AVideo's WebSocket Token Never Expires Due to Commented-Out Timeout Validation in verifyTokenSocket()
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the verifyTokenSocket function in plugin/YPTSocket/functions.php has its token timeout validation commented out, causing WebSocket tokens to never expire despite being generated with a 12-hour timeout. This allows...
CVE-2026-34362
WWBN AVideo (versions up to 26.0) has a vulnerability in the verifyTokenSocket() function (plugin/YPTSocket/functions.php) where token timeout validation was commented out, allowing WebSocket tokens to never expire despite a 12-hour timeout. This enables captured or legitimately obtained tokens t...
CVE-2026-34362 AVideo's WebSocket Token Never Expires Due to Commented-Out Timeout Validation in verifyTokenSocket()
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the verifyTokenSocket function in plugin/YPTSocket/functions.php has its token timeout validation commented out, causing WebSocket tokens to never expire despite being generated with a 12-hour timeout. This allows...
CVE-2026-34362 AVideo's WebSocket Token Never Expires Due to Commented-Out Timeout Validation in verifyTokenSocket()
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the verifyTokenSocket function in plugin/YPTSocket/functions.php has its token timeout validation commented out, causing WebSocket tokens to never expire despite being generated with a 12-hour timeout. This allows...
WWBN AVideo 代码问题漏洞
WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 26.0 contained code vulnerabilities. These vulnerabilities stemmed from the uncommented token timeout verification in the verifyTokenSocket function, which could lead to permanen...
PT-2026-28620
Name of the Vulnerable Software and Affected Versions AVideo versions up to and including 26.0 Description A flaw exists in AVideo where WebSocket tokens do not expire as intended due to a commented-out timeout validation within the verifyTokenSocket function located in...
CVE-2026-27813
CVE-2026-27813 affects the EVerest EV charging software stack. Versions prior to 2026.02.0 contain a data race that can lead to a use-after-free condition. The issue is triggered by EV plug-in/unplug events and RFID/RemoteStart/OCPP authorization events (or delayed authorization responses). A pat...
EUVD-2026-15392
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtCT: drop pending enqueued packets on template removal Templates refer to objects that can go away while packets are sitting in nfqueue refer to: - helper, this can be an issue on module removal. - timeout policy,...
CVE-2026-23391
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtCT: drop pending enqueued packets on template removal Templates refer to objects that can go away while packets are sitting in nfqueue refer to: - helper, this can be an issue on module removal. - timeout policy,...
CVE-2026-23391
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtCT: drop pending enqueued packets on template removal Templates refer to objects that can go away while packets are sitting in nfqueue refer to: - helper, this can be an issue on module removal. - timeout policy,...
UBUNTU-CVE-2026-23391
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtCT: drop pending enqueued packets on template removal Templates refer to objects that can go away while packets are sitting in nfqueue refer to: - helper, this can be an issue on module removal. - timeout policy,...
CVE-2026-23391
CVE-2026-23391 affects the Linux kernel netfilter xt_CT feature. The issue arises when templates reference nfqueue objects (e.g., helper, nfnetlink_cttimeout) that can be removed while packets are queued, potentially leaving pending packets. The vulnerability has been resolved by flushing enqueue...
CVE-2026-23391 netfilter: xt_CT: drop pending enqueued packets on template removal
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtCT: drop pending enqueued packets on template removal Templates refer to objects that can go away while packets are sitting in nfqueue refer to: - helper, this can be an issue on module removal. - timeout policy,...