37 matches found
Astra Linux - уязвимость в mariadb-10.3
It was discovered that MariaDB versions from 10.2 to 10.6.1 contain a segmentation fault due to the Itemsubselect::initexprcachetracker component...
CVE-2022-38216
An integer overflow exists in Mapbox's closed source gl-native library prior to version 10.6.1, which is bundled with multiple Mapbox products including open source libraries. The overflow is caused by large image height and width values when creating a new Image and allows for out of bounds...
Security Bulletin: Due to the use of Redis, IBM DataPower Gateway is vulnerable to a denial of service
Summary Redis is used in the API Gateway component, and for load balancing. CVE-2025-32023, CVE-2025-48367 Vulnerability Details CVEID:CVE-2025-32023 DESCRIPTION: Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticat...
EUVD-2018-11732
Malware in sbrugna...
WordPress Booking Calendar Plugin <= 10.6 is vulnerable to Cross Site Scripting (XSS)
Software Booking Calendar Type Plugin Vulnerable versions = 10.6 Fixed in 10.6.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9306 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 26b629a533d0 Credits zhenhua fan Required...
Apple Security Update: watchOS 10.6.1
Apple recommends to install security update watchOS 10.6.1 on devices Apple Watch Series 4 and later...
BIT-MARIADB-2022-32083
MariaDB v10.2 to v10.6.1 was discovered to contain a segmentation fault via the component Itemsubselect::initexprcachetracker...
CVE-2023-37267 Umbraco allows possible Admin-level access to backoffice without Auth under rare conditions
Umbraco is a ASP.NET CMS. Under rare conditions a restart of Umbraco can allow unauthorized users access to admin-level permissions. This vulnerability was patched in versions 10.6.1, 11.4.2 and 12.0.1...
CVE-2023-37267 Umbraco allows possible Admin-level access to backoffice without Auth under rare conditions
Umbraco is a ASP.NET CMS. Under rare conditions a restart of Umbraco can allow unauthorized users access to admin-level permissions. This vulnerability was patched in versions 10.6.1, 11.4.2 and 12.0.1...
PT-2023-25870 · Umbraco · Umbraco
Name of the Vulnerable Software and Affected Versions: Umbraco versions prior to 10.6.1 Umbraco versions prior to 11.4.2 Umbraco versions prior to 12.0.1 Description: Under rare conditions, a restart of Umbraco can allow unauthorized users to gain admin-level permissions, potentially leading to...
mariadb: server crash at Item_subselect::init_expr_cache_tracker
MariaDB v10.2 to v10.6.1 was discovered to contain a segmentation fault via the component Itemsubselect::initexprcachetracker...
Mapbox 输入验证错误漏洞
Mapbox is a location data platform for mobile and Web applications from Mapbox, Inc. A buffer overflow vulnerability exists in versions prior to Mapbox gl-native 10.6.1, which stems from excessive image height and width values when creating new images, and can be exploited to cause Mapbox process...
mariadb: server crash at Item_subselect::init_expr_cache_tracker
MariaDB v10.2 to v10.6.1 was discovered to contain a segmentation fault via the component Itemsubselect::initexprcachetracker...
Cisco Connected Mobile Experiences (CMX) 访问控制错误漏洞
Cisco Connected Mobile Experiences CMX is an intelligent Wi-Fi solution that uses the Cisco wireless infrastructure to provide location services and location analytics to consumers' mobile devices. A user enumeration vulnerability exists in API authorization for Cisco Connected Mobile Experiences...
Vulnerabilities fixed in McAfee Endpoint Security
McAfee has fixed vulnerabilities in End Point Security. A local malicious party could exploit the vulnerabilities to gain access gain access to sensitive data, or by obtaining elevated permissions to stop the anti-virus process and thereby deploy undetected implement malware. McAfee has released...
Cisco Connected Mobile Experiences Elevation of Privilege Vulnerability
Cisco Connected Mobile Experiences CMX is an intelligent Wi-Fi solution that uses the Cisco wireless infrastructure to provide location services and location analytics to consumers' mobile devices. An elevation of privilege vulnerability exists in Cisco Connected Mobile Experiences 10.6.0, 10.6.1...
McAfee Endpoint Security Access Control Error Vulnerability
McAfee Endpoint Security ENS is the United States McAfee McAfee company's set of framework for providing intelligent collaboration and advanced threat defense. The framework supports the entire threat defense lifecycle of real-time communications control and actionable threat forensics and so on...
McAfee Endpoint Security Configuration tool Access Control Error Vulnerability
McAfee Endpoint Security ENS is the United States McAfee McAfee company's set of intelligent collaboration and advanced threat defense framework. The framework supports the entire threat defense lifecycle of real-time communications control and actionable threat forensics , etc. Configuration too...
CVE-2019-16193
In ArcGIS Enterprise 10.6.1, a crafted IFRAME element can be used to trigger a Cross Frame Scripting XFS attack through the EDIT MY PROFILE feature...
NewStart CGSL CORE 5.04 / MAIN 5.04 : pki-core Vulnerability (NS-SA-2019-0063)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has pki-core packages installed that are affected by a vulnerability: - Dogtag PKI, through version 10.6.1, has a vulnerability in AAclAuthz.java that, under certain configurations, causes the application of ACL allow and deny...