PT-2026-33094

Name of the Vulnerable Software and Affected Versions Cisco Identity Services Engine affected versions not specified Description Insufficient validation of user-supplied input allows an authenticated remote attacker with at least Read Only Admin credentials to execute arbitrary commands on the...

Cisco Unity Connection 安全漏洞

Cisco Unity Connection UC is a voice messaging platform developed by the American company Cisco. This platform allows users to make calls or listen to voic messages using voice commands. There is a security vulnerability in Cisco Unity Connection UC, which stems from improper validation of HTTP...

GHSA-355H-QMC2-WPWF Jetty has HTTP Request Smuggling via Chunked Extension Quoted-String Parsing

Description as reported Jetty incorrectly parses quoted strings in HTTP/1.1 chunked transfer encoding extension values, enabling request smuggling attacks. Background This vulnerability is a new variant discovered while researching the "Funky Chunks" HTTP request smuggling techniques: -...

GHSA-X5R2-R74C-3W28 free5gc UDR improper path validation allows unauthenticated access to Traffic Influence Subscriptions

Summary An improper path validation vulnerability in the UDR service allows any unauthenticated attacker with access to the 5G Service Based Interface SBI to read Traffic Influence Subscriptions by supplying an arbitrary value in place of the expected subs-to-notify path segment. Details The...

CLSA-2026-1776174115 squid: Fix of 3 CVEs

CVE-2026-32748: ICP: fix HttpRequest lifetime for ICP v3 queries - CVE-2026-33515: ICP: fix validation of packet sizes and URLs - CVE-2026-33526: do not escape malformed URI twice when sending ICP errors...

PT-2026-32976

Name of the Vulnerable Software and Affected Versions free5GC versions 4.2.1 and earlier Description A fail-open request handling flaw exists in the UDR service. The PUT handler for the endpoint '/nudr-dr/v2/policy-data/subs-to-notify/subsId' does not terminate execution after request body...

Totolink A3002MU formWlanSetup file wan-url parameter stack buffer overflow vulnerability

Totolink A3002MU is a wireless router product that provides network connectivity and wireless access. A stack buffer overflow vulnerability exists in the Totolink A3002MU. The vulnerability stems from a failure to properly handle the wan-url parameter in the HTTP request handling component, which...

EUVD-2026-22034

A weakness has been identified in Totolink A3002MU B20211125.1046. Affected by this vulnerability is the function sub410188 of the file /boafrm/formWlanSetup of the component HTTP Request Handler. This manipulation of the argument wan-url causes stack-based buffer overflow. Remote exploitation of...

CVE-2026-6194

A weakness has been identified in Totolink A3002MU B20211125.1046. Affected by this vulnerability is the function sub410188 of the file /boafrm/formWlanSetup of the component HTTP Request Handler. This manipulation of the argument wan-url causes stack-based buffer overflow. Remote exploitation of...

TOTOLINK A3002MU 安全漏洞

Totolink A3002MU is a wireless router product that provides network connectivity and wireless access. A stack buffer overflow vulnerability exists in the Totolink A3002MU. The vulnerability stems from a failure to properly handle the wan-url parameter in the HTTP request handling component, which...

OESA-2026-1881 busybox security update

BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. It provides a fairly complete environment for any small or embedded system. Security Fixes: BusyBox...

OESA-2026-1879 busybox security update

BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. It provides a fairly complete environment for any small or embedded system. Security Fixes: BusyBox...

CVE-2025-50664

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /usergroup.asp endpoint. The attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, mem, pri, and attr...

CVE-2025-50661

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of multiple parameters in the /urlrule.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, en, ips, u, time, act, rpri, and log...

CVE-2026-33705 Chamilo LMS has unauthenticated access to Twig template source files exposes application logic

Chamilo LMS is a learning management system. Prior to 1.11.38, Twig template files .tpl under /main/template/default/ are directly accessible without authentication via HTTP GET requests. These templates expose internal application logic, variable names, AJAX endpoint URLs, and admin panel...

DSpace 7.x / 8.x XMLUI Data Extraction

This Python script sends an HTTP request to a DSpace XMLUI "discover" endpoint using specific query parameters and session cookies. It attempts to retrieve up to 100 records in XML format and saves the response locally as a raw XML dump file. After downloading the data, it performs a basic text...

UBUNTU-CVE-2026-5438

A gzip decompression bomb vulnerability exists when Orthanc processes HTTP request with Content-Encoding: gzip. The server does not enforce limits on decompressed size and allocates memory based on attacker-controlled compression metadata. A specially crafted gzip payload can trigger excessive...

CLSA-2026-1775724625 Fix CVE(s): CVE-2026-32748, CVE-2026-33526

SECURITY UPDATE: denial of service via use-after-free in ICP - debian/patches/CVE-2026-33526.patch: remove duplicate rfc1738escape call in icpGetRequest that invalidated the previously escaped URL pointer - CVE-2026-33526 SECURITY UPDATE: denial of service via use-after-free in ICP request handli...

Apache Tomcat 环境问题漏洞

Apache Tomcat is a lightweight web application server developed by the Apache Foundation in the United States. It supports Servlet and JavaServer Page JSP technologies. Versions of Apache Tomcat 11.0.18 and earlier, 10.1.52 and earlier, 9.0.115 and earlier, 8.5.100 and earlier, and 7.0.109 and...

DEBIAN-CVE-2026-39882

OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to 1.43.0, the otlp HTTP exporters traces/metrics/logs read the full HTTP response body into an in-memory bytes.Buffer without a size cap. This is exploitable for memory exhaustion when the configured collector endpoint is...