The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum…

A batch loader function in Spring for GraphQL versions 1.1.0 – 1.1.5 and 1.2.0 – 1.2.2 may be exposed to GraphQL context with values, including…

M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to a directory traversal vulnerability. The “fâ€� parameter is not properly…

Use after free vulnerability exists in Kostac PLC Programming Software Version 1.6.11.0. Arbitrary code may be executed by having a user open a specially crafted…

Double free issue exists in Kostac PLC Programming Software Version 1.6.11.0 and earlier. Arbitrary code may be executed by having a user open a specially…

An Innsertion of Sensitive Information into Log File vulnerability in SUSE SUSE Manager Server Module 4.2 spacewalk-java, SUSE SUSE Manager Server Module 4.3 spacewalk-java causes…

** UNSUPPPORTED WHEN ASSIGNED ** The web application stores credentials in clear text in the “admin.xml” file, which can be accessed without logging into the…

** UNSUPPPORTED WHEN ASSIGNED ** Vulnerability in the RCPbind service running on UDP port (111), allowing a remote attacker to create a denial of service…

** UNSUPPPORTED WHEN ASSIGNED ** The lack of web request control on ekorCCP and ekorRCI devices allows a potential attacker to create custom requests to…

Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation,…