18 matches found
CVE-2025-13309
creationtimestamp | type | source
---|---|---
2025-12-06 10:03:01+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m7cqpgd2kk2q...
Linux Distros Unpatched Vulnerability : CVE-2020-13309
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was vulnerable to a blind SSRF attack through the repository mirrori...
RHEL 9 : libxml2 (RHSA-2025:13309)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13309 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: Heap Use-After-Free in...
CVE-2017-13309
In readEncryptedData of ConscryptEngine.java, there is a possible plaintext leak due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2021-31509
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
CVE-2024-13309
Improper Authentication vulnerability in Drupal Login Disable allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Login Disable: from 2.0.0 before 2.1.1...
CVE-2024-13309
CVE-2024-13309 affects the Drupal Login Disable module (versions 2.0.0–2.1.1). The root cause is improper authentication/incorrect access control, enabling a bypass of login protection intended by the module. The vulnerability could allow an attacker to log in or bypass restrictions for existing ...
CVE-2024-13309 Login Disable - Critical - Access bypass - SA-CONTRIB-2024-073
Improper Authentication vulnerability in Drupal Login Disable allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Login Disable: from 2.0.0 before 2.1.1...
CVE-2024-13309 Login Disable - Critical - Access bypass - SA-CONTRIB-2024-073
Improper Authentication vulnerability in Drupal Login Disable allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Login Disable: from 2.0.0 before 2.1.1...
GitLab 1.0 < 13.1.10 / 13.2 < 13.2.8 / 13.3 < 13.3.4 (CVE-2020-13309)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was vulnerable to a blind SSRF attack through the repository mirroring feature. CVE-2020-13309 Note that...
Important: ImageMagick
Issue Overview: Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service segmentation fault or possibly execute arbitrary code via vectors involving the offset variable. CVE-2016-5841 ImageMagick 7.0.7-12 Q16, a CPU exhaustion...
CVE-2021-31509
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
CVE-2021-31509
CVE-2021-31509 affects OpenText Brava! Desktop 16.6.3.84. The vulnerability stems from the parsing of DXF files, where insufficient validation of user-supplied data allows a write past the end of an allocated buffer, enabling remote code execution in the context of the current process. Exploitati...
CVE-2020-13309
GitLab versions before 13.1.10, 13.2.8 and 13.3.4 are affected by a blind SSRF vulnerability via the repository mirroring feature. Root cause: SSRF in repository mirroring. Impact per documented data indicates high potential impact; remediation is upgrading to fixed versions (13.1.10+, 13.2.8+, 1...
Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2020-1806)
The remote host is missing an update for the Huawei EulerOS...
CVE-2019-13309
creationtimestamp | type | source
---|---|---
2019-07-05 04:00:10+00:00 | seen | https://t.me/cveNotify/231...
CVE-2019-13309
CVE-2019-13309: ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory caused by mishandling NoSuchImage in CLIListOperatorImages (MagickWand/operation.c). This can allow memory exhaustion leading to a denial of service. The advisory notes the issue and recommends updating ImageMagick ...
CVE-2018-13309
CVE-2018-13309 affects the TOTOLINK A3002RU router (version 1.0.8). A cross-site scripting flaw exists in the password.htm page, allowing a remote attacker to cause arbitrary JavaScript execution via the user’s password. Public documents (CNVD-2018-24106 and NVD entry) confirm the affected produc...