GHSA-6JWV-W5XF-7J27 Withdrawn Advisory: go.etcd.io/bbolt affected by index out-of-range vulnerability

Withdrawn Advisory This advisory has been withdrawn because its CVE Numbering Authority has determined this issue to be a false positive. This link is maintained to preserve external references. Original Description Index out-of-range when encountering a branch page with zero elements in...

EUVD-2026-19406

Index out-of-range when encountering a branch page with zero elements in go.etcd.io/bbolt...

Withdrawn Advisory: go.etcd.io/bbolt affected by index out-of-range vulnerability

Withdrawn Advisory This advisory has been withdrawn because its CVE Numbering Authority has determined this issue to be a false positive. This link is maintained to preserve external references. Original Description Index out-of-range when encountering a branch page with zero elements in...

CVE-2026-35392 goshs has an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs PUT Upload

goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, PUT upload in httpserver/updown.go has no path sanitization. This vulnerability is fixed in 2.0.0-beta.3...

UBUNTU-CVE-2026-35172

Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, distribution can restore read access in repo a after an explicit delete when storage.cache.blobdescriptor: redis and storage.delete.enabled: true are both enabled. The delete path clears the shared dige...

CVE-2026-35184

EcclesiaCRM is CRM Software for church management. Prior to 8.0.0, there is a SQL injection vulnerability in v2/templates/query/queryview.php via the custom and value parameters. This vulnerability is fixed in 8.0.0...

EUVD-2026-19468

EcclesiaCRM is CRM Software for church management. Prior to 8.0.0, there is a SQL injection vulnerability in v2/templates/query/queryview.php via the custom and value parameters. This vulnerability is fixed in 8.0.0...

CVE-2026-35184 EcclesiaCRM has a Critical SQL Injection

EcclesiaCRM is CRM Software for church management. Prior to 8.0.0, there is a SQL injection vulnerability in v2/templates/query/queryview.php via the custom and value parameters. This vulnerability is fixed in 8.0.0...

CVE-2026-33817

Rejected reason: CVE confirmed to be a false positive...

DEBIAN-CVE-2026-33817

Index out-of-range when encountering a branch page with zero elements in go.etcd.io/bbolt...

UBUNTU-CVE-2026-33817

Index out-of-range when encountering a branch page with zero elements in go.etcd.io/bbolt...

CVE-2026-33817

Rejected reason: CVE confirmed to be a false positive...

CVE-2026-33817

CVE-2026-33817 affects go.etcd.io/bbolt. The issue is an index-out-of-range error when processing a branch page that has zero elements. Root cause and impact are described in the connected CVE records as a vulnerability in the bbolt component; no explicit exploit details, affected versions, or re...

CVE-2026-33817

Removed by vendor...

CVE-2026-33817

...

CVE-2026-33817

Index out-of-range when encountering a branch page with zero elements in go.etcd.io/bbolt...

Open Redirect

Overview Affected versions of this package are vulnerable to Open Redirect through the redirecturi parameter in multiple endpoints ForgotPassword, MagicLinkLogin, Signup, InviteMembers, OAuthLoginHandler, VerifyEmailHandler which is not validated against AllowedOrigins. An attacker can obtain...

Exploit for Classic Buffer Overflow in Apple Ipados

⚠️ CVE-2026-28858 — Buffer Overflow en Apple iOS/iPadOS ╔...

GO-2026-4923 WITHDRAWN: out-of-range-index in go.etcd.io/bbolt

This report has been withdrawn with reason: "Reporter and maintainer have confirmed this as false positive". Index out-of-range when encountering a branch page with zero elements in go.etcd.io/bbolt...

CVE-2026-34975

Plunk is an open-source email platform built on top of AWS SES. Prior to 0.8.0, a CRLF header injection vulnerability was discovered in SESService.ts, where user-supplied values for from.name, subject, custom header keys/values, and attachment filenames were interpolated directly into raw MIME...