CVE-2025-11508

A security vulnerability has been detected in code-projects Voting System 1.0. This affects an unknown function of the file /admin/votersadd.php. Such manipulation of the argument photo leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed publicly and...

CVE-2025-11508

Voting System 1.0 contains a vulnerability in /admin/voters_add.php where manipulating the photo argument enables unrestricted file uploads. The issue is remotely exploitable and has publicly disclosed exploit information. No patch/version remediation details are provided in the supplied document...

Linux Distros Unpatched Vulnerability : CVE-2018-11508

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The compatgettimex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via...

CVE-2019-11508

In Pulse Secure Pulse Connect Secure PCS before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an authenticated attacker via the admin web interface can exploit Directory Traversal to execute arbitrary code on the appliance...

Google TensorFlow Input Validation Error Vulnerability (CNVD-2022-11508)

Google TensorFlow is an end-to-end open source platform for machine learning from Google Google. Google Tensorflow suffers from an input validation error vulnerability, which stems from the fact that implementations of dequantized shape inference are vulnerable to integer overflow weaknesses, whi...

CVE-2020-11508

CVE-2020-11508 affects WordPress WP Lead Plus X plugin up to version 0.98. The vulnerability is an XSS flaw in the page builder caused by an unprotected AJAX action wp_ajax_core37_lp_save_page, allowing a logged-in user with minimal permissions to save or replace pages with arbitrary JavaScript. ...

CVE-2020-11508

An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for WordPress allows logged-in users with minimal permissions to create or replace existing pages with a malicious page containing arbitrary JavaScript via the wpajaxcore37lpsavepage aka core37lpsavepage AJAX action...

CVE-2019-11508

CVE-2019-11508 affects Pulse Connect Secure (PCS) / Pulse Policy Secure (PPS) via the Pulse Secure vulnerability set. According to the connected sources, this CVE is a post‑auth issue in which an authenticated end-user can upload a malicious file to write arbitrary files to the local system on th...

Ubuntu: Security Advisory (USN-3718-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3718-2: Linux kernel (HWE) regression

USN-3695-2 fixed vulnerabilities in the Linux Hardware Enablement Kernel HWE kernel for Ubuntu 16.04 LTS. Unfortunately, the fix for CVE-2018-1108 introduced a regression where insufficient early entropy prevented services from starting, leading in some situations to a failure to boot, This updat...

Ubuntu: Security Advisory (USN-3697-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3697-1: Linux kernel vulnerabilities

It was discovered that a null pointer dereference vulnerability existed in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2018-1130 Jann Horn discovered that the 32 bit adjtimex syscall implementation for 64 bit...

DEBIAN-CVE-2018-11508

The compatgettimex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via adjtimex...

CVE-2018-11508

The compatgettimex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via adjtimex...

CVE-2018-11508

The compatgettimex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via adjtimex...

CVE-2017-11508

SecurityCenter 5.5.0–5.5.2 contain a SQL Injection vulnerability exploitable by an authenticated user with sufficient privileges to run diagnostic scans. An attacker could insert a crafted SQL query into the password field of a diagnostic scan, potentially gaining unauthorized access to the Secur...

[R1] SecurityCenter 5.6.0 Fixes One Vulnerability

SecurityCenter versions 5.5.0, 5.5.1 and 5.5.2 contain a SQL Injection vulnerability that could be exploited by an authenticated user with sufficient privileges to run diagnostic scans. An attacker could exploit this vulnerability by entering a crafted SQL query into the password field of a...

Fedora Update for glibc FEDORA-2012-11508

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...