Astra Linux - vulnerability in wireshark
In Wireshark versions 3.0.0 to 3.0.6, and 2.6.0 to 2.6.12, the CMS dissector could crash. This issue was addressed in the epan/dissectors/asn1/cms/packet-cms-template.c file by ensuring that an object identifier is set to NULL after the ContentInfo dissection...
EUVD-2020-3461
Malware in sbrugna...
EUVD-2025-14219
Malicious code in bioql PyPI...
RedisBloom 2.6.12 Integer Overflow
There is an integer overflow vulnerability in RedisBloom version 2.6.12, which is a module used in redis. The integer overflow vulnerability allows an attacker (a redis client which knows the password) to allocate memory in the heap lesser than the required memory due to wraparound. Then read and...
PT-2025-20608 · WordPress · Jeg Elementor Kit
Name of the Vulnerable Software and Affected Versions: Jeg Elementor Kit plugin for WordPress versions up to, and including, 2.6.12 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Video Button and Countdown Widgets due to insufficient input sanitization and outpu...
UBUNTU-CVE-2024-21803
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (bluetooth modules) allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/af_bluetooth.C. This issue affects Linux kernel: fr...
CVE-2024-21803
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (bluetooth modules) allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/af_bluetooth.C. This issue affects Linux kernel: fr...
PT-2023-18602
Name of the Vulnerable Software and Affected Versions: SUSE Rancher versions 2.6.7 through 2.6.12, SUSE Rancher versions 2.7.0 through 2.7.3 Description: The issue is related to improper privilege management, where changes in Azure AD permissions are not reflected in the Rancher UI for logged-in...
SUSE CVE-2005-3858
Memory leak in the ip6_input_finish function in ip6_input.c in Linux kernel 2.6.12 and earlier might allow attackers to cause a denial of service via malformed IPv6 packets with unspecified parameter problems, which prevents the SKB from being freed...
SUSE CVE-2017-0899
RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences...
PT-2023-34919 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.303 Description: The issue concerns the handling of extension header length in rawv6_push_pending_frames. It was introduced in version v2.6.12 and fixed in version v4.14.303. The actual impact and attack...
Ubuntu: Security Advisory (USN-250-1)
The remote host is missing an update for the...
Ubuntu: Security Advisory (USN-346-1)
The remote host is missing an update for the...
Ubuntu: Security Advisory (USN-319-2)
The remote host is missing an update for the...
Symfony Session Fixation Vulnerability
A session fixation vulnerability within the "Remember Me" login feature allows an attacker to impersonate the victim towards the web application if the session id value was previously known to the attacker. This issue has been fixed in Symfony 2.3.35, 2.6.12, and 2.7.7. Note that no fixes are...
GHSA-J5JH-HPR4-H332 Symfony Session Fixation Vulnerability
A session fixation vulnerability within the "Remember Me" login feature allows an attacker to impersonate the victim towards the web application if the session id value was previously known to the attacker. This issue has been fixed in Symfony 2.3.35, 2.6.12, and 2.7.7. Note that no fixes are...
CVE-2021-24793
The WPeMatico RSS Feed Fetcher WordPress plugin before 2.6.12 does not escape the Feed URL added to a campaign before outputting it in an attribute, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...
CVE-2020-11103
JsLink in Webswing before 2.6.12 LTS, and 2.7.x and 20.x before 20.1, allows remote code execution...
Remote code execution
JsLink in Webswing before 2.6.12 LTS, and 2.7.x and 20.x before 20.1, allows remote code execution...
Lenovo XClarity Administrator (LXCA) Vulnerability - Lenovo Support US
Lenovo Security Advisory: LEN-29942. Potential Impact: Information disclosure. Severity: High. Scope of Impact: Lenovo-specific. CVE Identifier: CVE-2019-19756. Summary Description: An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered Windows OS credentials, used to...