15 matches found
CVE-2026-45191
Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP ACL bypass. Mask forms like "/00" and "/01" pass validation and parse to the same prefix as their unpadded value. See also CVE-2026-45190...
EUVD-2008-0022
Malware in sbrugna...
EUVD-2025-5873
Malicious code in bioql PyPI...
CVE-2025-50405
Intelbras RX1500 Router v2.2.17 and before is vulnerable to Incorrect Access Control in the FirmwareUpload function and GetFirmwareValidation function...
PT-2025-20420 · Totolink · Totolink A950Rg
Name of the Vulnerable Software and Affected Versions: TOTOlink A950RG version 4.1.2cu.5204 B20210112 Description: The issue arises from improper input validation of the NoticeUrl parameter in the setNoticeCfg interface of the /lib/cste modules/system.so module. This leads to a buffer overflow...
Linux Distros Unpatched Vulnerability : CVE-2024-55553
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In FRRouting FRR before 10.3 from 6.0 onward, all routes are re-validated if the total size of an update received via RTR exceeds the internal socket's buffer...
Linux Distros Unpatched Vulnerability : CVE-2024-41091
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tun: add missing verification for short frame The cited commit missed to check against the...
CVE-2025-24970
Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead...
EulerOS 2.0 SP9 : curl (EulerOS-SA-2024-2825)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field,...
PT-2023-23913 · Intel · Intel Nuc Rugged Kit +2
Name of the Vulnerable Software and Affected Versions: IntelR NUC Rugged Kit, IntelR NUC Kit and IntelR Compute Element BIOS firmware affected versions not specified Description: The issue is related to improper input validation in the BIOS firmware of certain Intel products, which may allow a...
The vulnerability of the microprogramming software for Rockwell Automation’s ArmorStart ST controllers, related to deficiencies in the validation of user-input data, allows attackers to execute cross-site scripting (XSS) attacks.
The vulnerability of Rockwell Automation’s ArmorStart ST engine controllers is related to deficiencies in the validation of user input data. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting XSS attacks remotely...
CVE-2023-29195 Vitess VTAdmin users that can create shards can deny access to other functions
Vitess is a database clustering system for horizontal scaling of MySQL through generalized sharding. Prior to version 16.0.2, users can either intentionally or inadvertently create a shard containing / characters from VTAdmin such that from that point on, anyone who tries to create a new shard fr...
CVE-2019-5461
An input validation problem was discovered in the GitHub service integration which could result in an attacker being able to make arbitrary POST requests in a GitLab instance's internal network. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6...
Espcms V5. 6. 1 3. 0 4. 2 2 UTF8 the official version of the background logic validation error vulnerability of the 2/N-vulnerability warning-the black bar safety net
Brief description: System backend permission check logic problems, resulting in the background of a module function is bypassed and unauthorized access Detailed description: 后台 管理员 权限 校验 在 文件 \public\classconnector.php: function adminpurview if $this-fun-accept'archive', 'R' == 'filemanage' &&...
Advisory CA-2000-08
CERT Advisory CA-2000-08 Inconsistent Warning Messages in Netscape Navigator Original release date: May 26, 2000 Last Revised: -- Source: CERT/CC A complete revision history is at the end of this file. Systems Affected Systems running Netscape Navigator, up to and including Navigator 4.73, withou...