25 matches found
UBUNTU-CVE-2026-34500
CLIENTCERT authentication does not fail as expected for some scenarios when soft fail is disabled and FFM is used in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M14 through 11.0.20, from 10.1.22 through 10.1.53, from 9.0.92 through 9.0.116. Users are recommended to upgrade to...
EUVD-2021-6570
Malicious code in bioql PyPI...
EUVD-2022-27093
Malicious code in bioql PyPI...
BIT-NIFI-2020-27223
In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 inclusive, 10.0.0, and 11.0.0, when Jetty handles a request containing multiple Accept headers with a large number of "quality" (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality...
CVE-2021-2104
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain component: Dialog Box. Supported versions that are affected are 11.5.10, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2024-0245 Task Hijacking in hamza417/inure
A misconfiguration in the AndroidManifest.xml file in hamza417/inure before build97 allows for task hijacking. This vulnerability permits malicious applications to inherit permissions of the vulnerable app, potentially leading to the exposure of sensitive information. An attacker can create a...
GHSA-9625-P7PG-3CXG vulnerabilities
Vulnerabilities for packages: postgresql...
UBUNTU-CVE-2024-12292
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.0 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, where sensitive information passed in GraphQL mutations may have been retained in GraphQL logs...
Microsoft Windows Error Reporting Security Vulnerability
Microsoft Windows Error Reporting (WER) is a component of Microsoft Corporation (USA). It enables users to notify Microsoft of application failures, kernel failures, unresponsive applications, and other application-specific problems. A security vulnerability exists in Microsoft Windows Error Reportin...
CVE-2022-42444
IBM App Connect Enterprise 11.0.0.8 through 11.0.0.19 and 12.0.1.0 through 12.0.5.0 is vulnerable to a buffer overflow. A remote privileged user could overflow a buffer and cause the application to crash. IBM X-Force ID: 238538...
K68151373: IP Intelligence Feed List TMUI vulnerability CVE-2019-6636
Security Advisory Description On BIG-IP AFM, ASM 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, and 11.5.1-11.6.4, a stored cross-site scripting vulnerability in AFM feed list. In the worst case, an attacker can store a CSRF which results in code execution as the admin user. Th...
CVE-2022-20484
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
Netapp E-Series SANtricity OS Controller Software Input Validation Error Vulnerability
Netapp E-Series SANtricity OS Controller Software is a disk array OS controller software from Netapp, Inc. A security vulnerability exists in Netapp E-Series SANtricity OS Controller Software versions 11.x through 11.70.2, which stems from vulnerability to host header injection attacks. An attack...
Apple Mac OS X Security Update (HT212979)
Apple Mac OS X is prone to multiple vulnerabilities.
Google Android Security Vulnerability
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance (OHA). An elevation of privilege vulnerability exists in the System component of Google Android versions 8.1, 9, 10, and 11, which can be exploited by an attacker to cause...
Google Android Buffer Error Vulnerability
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance (OHA). A remote code execution vulnerability exists in the System component of Google Android versions 8.1, 9, 10, and 11, which can be exploited by an attacker to achieve...
Netapp E-Series SANtricity OS Controller Software Security Vulnerability
Netapp E-Series SANtricity OS Controller Software is disk array OS controller software from the American company NetApp. A security vulnerability exists in E-Series SANtricity OS Controller Software versions 11.x through 11.70.1, which can be exploited by remote attackers to cause a partial denial of...
CVE-2021-32029
A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality...
Google Android System Remote Code Execution Vulnerability (CNVD-2021-43416)
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance (OHA). A remote code execution vulnerability exists in the System component of Google Android versions 10 and 11, which can be exploited by an attacker to achieve remote...
Google Android Resource Management Error Vulnerability
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance (OHA). A remote code execution vulnerability exists in the System component of Google Android versions 8.1, 9, 10, and 11, which can be exploited by an attacker to achieve...