73 matches found
Using Vulnerable Libssh Version < 0.12 in Sentry
Last Modified Date Apr 20, 2026 4:13:44 AM...
EUVD-2012-6550
Malware in sbrugna...
EUVD-2020-0224
Malware in sbrugna...
EUVD-2021-1312
Malware in sbrugna...
PT-2025-35319
Name of the Vulnerable Software and Affected Versions: gnark versions prior to 0.13.0 Description: gnark is a zero-knowledge proof system framework. A denial of service issue can occur when computing scalar multiplication using the fake-GLV algorithm in versions prior to 0.13.0. This is due to the...
liboqs Information Disclosure Vulnerability
liboqs is an Open Quantum Safe open source C library for quantum-safe cryptographic algorithms. An information disclosure vulnerability exists in versions of liboqs prior to 0.12.0 that stems from an indexing error where part of the key is incorrectly treated as non-secret data, resulting in the...
CVE-2015-20111
miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was possible in...
Bitcoin Core Security Vulnerability
Bitcoin Core is a Bitcoin open source client for verifying the validity of blockchain transactions. A security vulnerability exists in versions of Bitcoin Core prior to 0.12 that stems from a lack of checking of snprintf return values, resulting in a buffer overflow and massive data leak...
AskAI (=0.1.0), ISP-SDK (>=0.1.0 <=0.2.3) +3832 more potentially affected by CVE-2024-32650 via rustls (>=0.12.0 <=0.21.0)
rustls CARGO version =0.12.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.2.0-beta.4, =0.21.0-alpha.1, =0.1.1, =0.11.0, =0.0.1, =0.0.7-alpha.3, =0.0.7-alpha.2, =0.0.7-alpha.1, =0.0.7-alpha.3, =0.11.3, =0.14.2 and more Source cves: CVE-2024-32650 Source advisory: OSV:RUSTSEC-2024-0336...
GHSA-WFM3-GQ9H-MRJM Appwrite Directory Traversal vulnerability
The ACME-challenge endpoint in Appwrite 0.5.0 through 0.12.x before 0.12.2 allows remote attackers to read arbitrary local files via ../ directory traversal. In order to be vulnerable, APP_STORAGE_CERTIFICATES/.well-known/acme-challenge must exist on disk. This pathname is automatically created if...
PT-2023-36100 · Unknown · Simd-Json-Derive
Name of the Vulnerable Software and Affected Versions: simd-json-derive versions prior to 0.12.0 Description: The issue arises from an invalid use of MaybeUninit::uninit().assume_init() in the derive macro of simd-json-derive, leading to undefined behavior. This misuse can cause invalid memory access...
SUSE CVE-2012-6709
ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate Validation...
SUSE CVE-2016-1901
Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow...
SUSE CVE-2019-19316
When using the Azure backend with a shared access signature (SAS), Terraform versions prior to 0.12.17 may transmit the token and state snapshot using cleartext HTTP...
PT-2023-19587 · Jenkins · Jenkins Bitbucket Oauth Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Bitbucket OAuth Plugin versions 0.12 and earlier Description: The issue arises because the Jenkins Bitbucket OAuth Plugin does not invalidate the previous session on login, which can lead to potential security risks. Recommendations:...
DEBIAN-CVE-2022-47021
A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows attackers to cause denial of service or other unspecified impacts...
ALPINE-CVE-2022-47021
A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows attackers to cause denial of service or other unspecified impacts...
CVE-2022-27810
It was possible to trigger an infinite recursion condition in the error handler when Hermes executed specific maliciously formed JavaScript. This condition was only possible to trigger in dev-mode when asserts were enabled. This issue affects Hermes versions prior to v0.12.0...
CVE-2022-25295
This affects the package github.com/gophish/gophish before 0.12.0. The Open Redirect vulnerability exists in the next query parameter. The application uses url.Parse(r.FormValue("next")) to extract path and eventually redirect user to a relative URL, but if next parameter starts with multiple...
Bottle does not properly limit content-types
Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to bypass intended access restrictions via an accepted Content-Type followed by a ; (semi-colon) and a Content-Type that would not be accepted, as...