10 matches found
CVE-2025-54166
An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following versions: QTS...
PT-2024-1137
Name of the Vulnerable Software and Affected Versions Relax-and-Recover aka ReaR versions 2.7 and earlier Description The issue is related to information disclosure. It allows local attackers to gain access to system secrets that are otherwise only readable by root. This occurs when using GRUB...
[SECURITY] [DSA 5399-1] odoo security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5399-1 [email protected] https://www.debian.org/security/ Sebastien Delafond May 05, 2023 https://www.debian.org/security/faq -...
SUSE CVE-2022-23581
Tensorflow is an Open Source Machine Learning Framework. The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a SavedModel such that IsSimplifiableReshape would trigger CHECK failures. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this...
CVE-2022-41853 Remote code execution in HyperSQL DataBase
Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can...
GHSA-VP5X-3V8R-QPRW Deserialization of Untrusted Data in Dubbo
A deserialization vulnerability existed in dubbo hessian-lite 3.2.11 and its earlier versions, which could lead to malicious code execution. Most Dubbo users use Hessian2 as the default serialization/deserialization protocol, during Hessian catch unexpected exceptions, Hessian will log out some...
Photon OS 1.0: Dnsmasq / Libtasn1 PHSA-2018-1.0-0109 (deprecated)
An update of 'libtasn1', 'dnsmasq' packages of Photon OS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-1.0-0109. The text itself is copyright C...
K2 Joomla! Extension Cross Site Scripting
================================================================ K2 Joomla! Extension PoC: http://localhost/administrator/index.php?option=comk2&view=categori...
SAP Crystal Reports 'ebus-3-3-2-7.dll'远程代码执行漏洞
BUGTRAQ ID: 55086 SAP Crystal Reports是报表制作产品。 SAP Crystal Reports在实现上存在远程代码执行漏洞,攻击者可利用此漏洞在受影响应用中执行任意代码。 0 SAP Crystal Reports 厂商补丁: SAP --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.onapsis.com/...
SAP Crystal Reports crystalras.exe OBUnmarshal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Crystal Reports. Authentication is not required to exploit this vulnerability. The flaw exists within the ebus-3-3-2-7.dll component which is used by the crystalras.exe service. This process...