10 matches found
CVE-2026-54226
CVE-2026-54226 — Apache Kvrocks (RESTORE IntSet Integer Overflow) * Affects Kvrocks versions 2.6.0 through 2.15.0. The entry title indicates an integer overflow in RESTORE IntSet that can lead to a remote DoS. The fix is to upgrade to version 2.16.0. No exploitation details or in-the-wild status ...
360solutions-bc-mcp (=0.5.3), advanced-yaml (>=0.3.4 <=0.4.3) +295 more potentially affected by CVE-2026-44432 via urllib3 (>=2.6.0 <=2.6.3)
urllib3 PYPI version =2.6.0, =0.3.4, =0.1.0, =0.5.0, =0.24.2, =0.5.0, =1.0.5, =26.1.0, =26.5.0b1, =0.45.0, =0.2.6, =0.5.1, =1.6.6.8 and more Source cves: CVE-2026-44432 Source advisory: OSV:PYSEC-2026-142...
urllib3 安全漏洞
urllib3 is an open-source Python HTTP library developed by urllib3. This product features a thread-safe connection pool and support for file publishing. There were security vulnerabilities in the versions of urllib3 from 2.6.0 to 2.7.0. These vulnerabilities stemmed from the possibility of...
CVE-2025-57800 Audiobookshelf vulnerable to OIDC token exfiltration and account takeover
Audiobookshelf is an open-source self-hosted audiobook server. In versions 2.6.0 through 2.26.3, the application does not properly restrict redirect callback URLs during OIDC authentication. An attacker can craft a login link that causes Audiobookshelf to store an arbitrary callback in a cookie,...
PT-2025-34465 · Unknown · Audiobookshelf
Name of the Vulnerable Software and Affected Versions: Audiobookshelf versions 2.6.0 through 2.26.3 Description: Audiobookshelf is an open-source self-hosted audiobook server. The application does not properly restrict redirect callback URLs during OIDC authentication. An attacker can craft a log...
ai.ylyue:yue-library-base (=j11.2.6.2), ai.ylyue:yue-library-data-es (=j11.2.6.2) +3480 more potentially affected by CVE-2023-20883 via org.springframework.boot:spring-boot-autoconfigure (>=2.6.0 <=2.6.14)
org.springframework.boot:spring-boot-autoconfigure MAVEN version =2.6.0, =2.2.53, =0.23.9, =0.1.2, =5.7.0, =5.7.7, =5.7.0, =6.4.7 and more Source cves: CVE-2023-20883 Source advisory: OSV:GHSA-XF96-W227-R7C4...
SUSE CVE-2004-0110
Buffer overflow in the 1 nanohttp or 2 nanoftp modules in XMLSoft Libxml 2 Libxml2 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL...
ai.aitia:arrowhead-application-library-java-spring (>=4.4.0.2 <=4.6.0.0), ai.ylyue:yue-library-auth-client (=j11.2.6.0) +2346 more potentially affected by CVE-2022-22965 via org.springframework.boot:spring-boot-starter-web (>=2.6.0 <=2.6.5)
org.springframework.boot:spring-boot-starter-web MAVEN version =2.6.0, =4.4.0.2, =j11.2.6.0, =1.2.5.RELEASE, =0.1.2, =5.7.7, =5.7.7, =5.7.7, =1.0.0, =1.0.2, =1.0.0, =3.1.305, =3.1.305, =3.1.313 and more Source cves: CVE-2022-22965 Source advisory: OSV:GHSA-36P3-WJMG-H94X...
alwakeupword (=1.0.0), armadillin (>=0.0.2 <=0.53.0) +42 more potentially affected by CVE-2022-23566 via tensorflow (>=2.6.0 <=2.6.2)
tensorflow PYPI version =2.6.0, =0.0.2, =1.0.1, =0.0.9, =0.2.0, =4.4.0, =1.1.2, =0.2.0, =0.0.1, =1.0.0, =1.1.2 - imgtovar =0.8.5 and more Source cves: CVE-2022-23566 Source advisory: OSV:GHSA-5QW5-89MW-WCG2...
Wireshark Denial of Service Vulnerability (CNVD-2019-18506)
Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A denial of service vulnerability exists in the CoAP parser in Wireshark versions 2.6.0...