14 matches found
PT-2025-45067
Name of the Vulnerable Software and Affected Versions: Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction versions prior to 2.16.5 Description: The plugin is susceptible to unauthorized data modification because of a missing capability and validation...
EUVD-2023-2878
Malicious code in bioql (PyPI)...
EUVD-2023-31253
Malicious code in bioql (PyPI)...
PT-2025-20860 · Siemens · Ruggedcom Rox Mx5000 +8
Name of the Vulnerable Software and Affected Versions: RUGGEDCOM ROX MX5000 versions prior to V2.16.5; RUGGEDCOM ROX MX5000RE versions prior to V2.16.5; RUGGEDCOM ROX RX1400 versions prior to V2.16.5; RUGGEDCOM ROX RX1500 versions prior to V2.16.5; RUGGEDCOM ROX RX1501 versions prior to V2.16.5...
CVE-2023-6022
Cross-Site Request Forgery (CSRF) in GitHub repository prefecthq/prefect prior to 2.16.5...
CVE-2023-6022 Cross-Site Request Forgery (CSRF) in prefecthq/prefect
Cross-Site Request Forgery (CSRF) in GitHub repository prefecthq/prefect prior to 2.16.5...
PT-2023-32482 · Prefect · Prefect
Name of the Vulnerable Software and Affected Versions: prefect versions prior to 2.16.5 Description: The issue allows an attacker to steal secrets and potentially gain remote code execution via Cross-Site Request Forgery (CSRF) using the Prefect API. This can be exploited in self-hosted, open sourc...
CVE-2023-27486
CVE-2023-27486 affects xCAT prior to 2.16.5. When zones are enabled for cluster security, a local root user on a node can obtain credentials to SSH to any node across zones (excluding the default-zone management node). The issue is resolved in xCAT 2.16.5. If upgrading is not possible, mitigation...
CVE-2023-27486 Insufficient authorization validation between zones when xCAT zones are enabled
xCAT is a toolkit for deployment and administration of computer clusters. In versions prior to 2.16.5, if zones are configured as a mechanism to secure clusters in xCAT, it is possible for a local root user from one node to obtain credentials to SSH to any node in any zone, except the management...
CVE-2023-27486 Insufficient authorization validation between zones when xCAT zones are enabled
xCAT is a toolkit for deployment and administration of computer clusters. In versions prior to 2.16.5, if zones are configured as a mechanism to secure clusters in xCAT, it is possible for a local root user from one node to obtain credentials to SSH to any node in any zone, except the management...
CVE-2020-10941
Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import...
PT-2020-2637
Name of the Vulnerable Software and Affected Versions: Arm Mbed TLS versions prior to 2.16.5 Description: The issue allows attackers to obtain sensitive information, specifically an RSA private key, by measuring cache usage during an import. This is related to the implementation of TLS and SSL...
Fedora 31 : mbedtls (2020-0ab860bb95)
Update to 2.16.5. Release notes: https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.5-and-2.7.14-released Security Advisory: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-02 Note that Tenable Network Security has extracted the preceding description...
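GNOME Display Manager G_Strsplit Function Local Denial-of-Service Vulnerability
BUGTRAQ ID: 25191 CVE ID: CVE-2007-3381 CNCVE ID: CNCVE-20073381 GNOME Display Manager is the display manager for GNOME. The GNOME Display Manager GStrsplit function does not correctly handle GDM socket commands, and a local attacker can exploit the vulnerability to cause a denial of service in the application. A specially constructed GDM message command causes GDM to stop managing displays, resulting in denial of service. No detailed vulnerability information is currently available. GNOME GDM 2.19.4 GNOME GDM 2.19.3 GNOME GDM 2.19.2 GNOME GDM 2.19.1 GNOME GDM...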