Important: containerd
Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...
The vulnerability of the Chatbot component of Oracle Financial Services’ Revenue Management and Billing system allows a hacker to gain unauthorized access to read, add, modify, or delete data.
The vulnerability of the Chatbot component of Oracle Financial Services’ Revenue Management and Billing system is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to read, add, modify, or delete...
ZendTo Security Vulnerability
ZendTo is a web-based file transfer system from ZendTo Inc. A security vulnerability exists in ZendTo 6.10-6 Beta and earlier versions, which stems from an OS command injection due to the misbehavior of the parameter file1 in the file NSSDropoff.php...
DAVSP: Safety Alignment for Large Vision-Language Models Via Deep Aligned Visual Safety Prompt
Large Vision-Language Models (LVLMs) have achieved impressive progress across various applications but remain vulnerable to malicious queries that exploit the visual modality. Existing alignment approaches typically fail to resist malicious queries while preserving utility on benign ones effectivel...
Important: cni-plugins
Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...
Important: amazon-ssm-agent
Issue Overview: SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted. CVE-2025-22869 Affected Packages:...
OESA-2025-1611 cpp-httplib security update
A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to set up. Just include httplib.h file in your code! Security Fixes: cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size...
CVE-2025-5666
A vulnerability was found in FreeFloat FTP Server 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component XMKD Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed...
CVE-2025-5664
A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component RESTART Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and...
CVE-2025-5635
A vulnerability classified as critical was found in PCMan FTP Server 2.0.7. This vulnerability affects unknown code of the component PLS Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...
The vulnerability of the Service Diagnostics Scripts component of the Oracle Teleservice module in the Oracle E-Business Suite automation system allows a perpetrator to disclose protected information.
The vulnerability of the Service Diagnostics Scripts component of the Oracle Teleservice module in the Oracle E-Business Suite system relates to insufficient protection of operational data. Exploiting this vulnerability could allow an attacker, operating remotely, to disclose protected informatio...
CVE-2025-5596
A vulnerability was found in FreeFloat FTP Server 1.0. It has been classified as critical. Affected is an unknown function of the component REGET Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public...
CVE-2025-5592
A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component PASSIVE Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been...
CVE-2025-5549
A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component PASV Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed t...
CVE-2025-5548
A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component NOOP Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public an...
FreeFloat FTP Server Security Vulnerability
FreeFloat FTP Server is an FTP service from FreeFloat. FreeFloat FTP Server suffers from a buffer overflow vulnerability that stems from the PASV Command Handler component failing to properly validate the length of input data. No details of the vulnerability are provided at this time...
Arris VIP1113 Security Vulnerability
The Arris VIP1113 is a set-top box for high-definition IPTV services from Arris USA. A security vulnerability exists in the Arris VIP1113 version 2025-05-30 and earlier, which stems from the fact that remote file names with space characters in TFTP may lead to local file name control...
FreeFloat FTP Server Security Vulnerability
FreeFloat FTP Server is an FTP service from FreeFloat, Inc. A security vulnerability exists in FreeFloat FTP Server version 1.0, which stems from a buffer overflow problem in the PBSZ command handler...
Amazon Linux 2023 : oci-add-hooks (ALAS2023-2025-978)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-978 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly...