12640 matches found
SRC-2025-0001 : Samsung MagicINFO 9 Server ResponseBootstrappingActivity Exposed Dangerous Method Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO. Authentication is required and a SaaS environment needs to be configured. The specific flaw exists within the ability to dynamically create FTP accounts. An attack...
www/varnish7 -- Denial of Service in HTTP/2
Varnish Development Team reports: A denial of service attack can be performed on Varnish Cache servers that have the HTTP/2 protocol turned on. An attacker can create a large number of streams and immediately reset them without ever reaching the maximum number of concurrent streams allowed for th...
CVE-2023-45584
A double free vulnerability (CWE-415) in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions, FortiProxy 7.4.0 through 7.4.1, FortiProxy 7.2.0 through 7.2.7, FortiProxy 7.0.0...
CVE-2025-3831 Exposed SFTP server
Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties...
CVE-2024-52504
A vulnerability has been identified in SIPROTEC 4 6MD61 All versions, SIPROTEC 4 6MD63 All versions, SIPROTEC 4 6MD66 All versions, SIPROTEC 4 6MD665 All versions, SIPROTEC 4 7SA522 All versions, SIPROTEC 4 7SA6 All versions V4.78, SIPROTEC 4 7SD5 All versions V4.78, SIPROTEC 4 7SD610 All version...
SUSE-SU-2025:02755-1 Security update for libssh
This update for libssh fixes the following issues: - CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions (bsc#1245309). - CVE-2025-4878: Fixed use of uninitialized variable in privatekey_from_file (bsc#1245310). - CVE-2025-5318: Fixed likely read beyond bounds in sftp server...
Siemens multiple products: code issue vulnerability
Siemens SIPROTEC 4 is a multifunction relay from Siemens Germany. A code issue vulnerability exists in various Siemens products that stems from mishandling of a file transfer operation, which could result in a denial of service. The following products are affected: SIPROTEC 4 6MD61, 6MD63, 6MD66,...
Linux Distros Unpatched Vulnerability : CVE-2021-47229
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI: aardvark: Fix kernel panic during PIO transfer Trying to start a new PIO transfer by writing value 0 in PIO_START register when previous transfer has not ye...
Exploring Cross-Stage Adversarial Transferability in Class-Incremental Continual Learning
Class-incremental continual learning addresses catastrophic forgetting by enabling classification models to preserve knowledge of previously learned classes while acquiring new ones. However, the vulnerability of the models against adversarial attacks during this process has not been investigated...
CVE-2025-25235
Server-Side Request Forgery (SSRF) in Omnissa Secure Email Gateway (SEG) in SEG prior to 2.32 running on Windows and SEG prior to 2503 running on UAG allows routing of network traffic such as HTTP requests to internal networks...
BIT-LIBPYTHON-2021-4189
A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecti...
Security Bulletin: Astronomer with IBM is vulnerable to memory consumption and denial of service due to the net/http package (CVE-2021-44716, CVE-2022-27664)
Summary net/http is used by Astronomer with IBM as part of the request processing functionality. Vulnerability Details CVEID:CVE-2021-44716 DESCRIPTION: net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2...
CVE-2025-8863
YugabyteDB diagnostic information was transmitted over HTTP, which could expose sensitive data during transmission...
CVE-2025-8860
A flaw was found in QEMU in the uefi-vars virtual device. When the guest writes to register UEFI_VARS_REG_BUFFER_SIZE, the .write callback uefi_vars_write is invoked. The function allocates a heap buffer without zeroing the memory, leaving the buffer filled with residual data from prior allocations. Wh...
SUSE-SU-2025:02745-1 Security update for tomcat
This update for tomcat fixes the following issues: - CVE-2025-52520: Fixed integer overflow can lead to DoS for some unlikely configurations of multipart upload (bsc#1246388) - CVE-2025-53506: Fixed uncontrolled resource HTTP/2 client consumption vulnerability (bsc#1246318)...
YugabyteDB security vulnerability
YugabyteDB is a high-performance transactional distributed SQL database for cloud-native applications from Yugabyte USA. A security vulnerability exists in YugabyteDB that stems from a diagnostic information transfer over HTTP that could lead to the disclosure of sensitive data...
Linux Distros Unpatched Vulnerability : CVE-2020-1934
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server. CVE-2020-1934 Note that Nessus relies o...