362 matches found
Advisory ROSA-SA-2024-2517
software: hostapd 2.9 WASP: ROSA-CHROME packageevrstring: hostapd-2.9-3 CVE-ID: CVE-2019-16275 BDU-ID: 2019-04775 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the Wi-Fi WPA Supplicant secure access component is related to a flaw in the input validation mechanism. Exploitation of the...
PT-2024-34356
Name of the Vulnerable Software and Affected Versions: GSL GNU Scientific Library versions prior to 2.9 Description: The issue is caused by an integer signedness error in the gsl siman solve many function, located in siman/siman.c. This error occurs when params.n tries is negative, resulting in...
CVE-2024-28168
A flaw was found in Apache XML Graphics FOP. This vulnerability allows remote attackers to cause issues via improper handling of XML External Entity XXE references. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product...
GHSA-JQFV-JRVQ-95JM Apache XML Graphics FOP XML External Entity Reference ('XXE') vulnerability
Improper Restriction of XML External Entity Reference 'XXE' vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are recommended to upgrade to version 2.10, which fixes the issue...
Apache XML Graphics FOP 代码问题漏洞
Apache XML Graphics FOP is a Java application for converting XSL-FO files to PDF or other printable formats from the Apache Foundation USA. A code issue vulnerability exists in Apache XML Graphics FOP version 2.9, which stems from the presence of an incorrectly restricted XML external entity...
RHBA-2020:0784 Red Hat Bug Fix Advisory: Ansible 2.9.6 release for Ansible Engine 2.9
Bulletin has no description...
CVE-2024-45506
A flaw was found in HAProxy. An issue in the HTTP/2 multiplexer combined with the zero-copy forwarding system allows remote attackers to trigger under very rare conditions an endless loop and cause a denial of service. Mitigation Disable the zero-copy forwarding system to mitigate this issue. Add...
CVE-2024-45506
HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding h2send loop under a certain set of conditions, as exploited in the wild in 2024...
PT-2024-31410 · I-Educar · I-Educar
Name of the Vulnerable Software and Affected Versions: i-Educar versions prior to 2.9 Description: A SQL Injection vulnerability was found in the ieducar/intranet/funcionario vinculo det.php file, which creates the query by concatenating the unsanitized GET parameter cod func, allowing the attack...
OPENSUSE-SU-2024:10278-1 criu-2.9-1.1 on GA media
These are all security issues fixed in the criu-2.9-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:10776-1 gcab-1.4-2.9 on GA media
These are all security issues fixed in the gcab-1.4-2.9 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:11484-1 libunshield0-1.4.3-2.9 on GA media
These are all security issues fixed in the libunshield0-1.4.3-2.9 package on the GA media of openSUSE Tumbleweed...
PT-2024-12582 · Maxime Schoeni · Sublanguage
Name of the Vulnerable Software and Affected Versions: Sublanguage versions n/a through 2.9 Description: The issue is related to a Missing Authorization vulnerability in Maxime Schoeni Sublanguage. Recommendations: For Sublanguage versions n/a through 2.9, update to a version that includes the fi...
CVE-2023-49441
dnsmasq 2.9 is vulnerable to Integer Overflow via forwardquery...
CVE-2023-49441
dnsmasq 2.9 is vulnerable to Integer Overflow via forwardquery...
PT-2024-13737 · Dnsmasq +1 · Dnsmasq +1
Name of the Vulnerable Software and Affected Versions: dnsmasq version 2.9 Description: The issue is related to an Integer Overflow via forward query. Recommendations: For dnsmasq version 2.9, at the moment, there is no information about a newer version that contains a fix for this vulnerability...
CVE-2024-31395
Cross-site scripting vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12, Ver.3.0.x series versions prior to Ver.3.0.32, Ver.2.11.x series versions prior to Ver.2.11.61, Ver.2.10.x series versions prior to Ver.2.10.53, and Ver.2.9 and earlier versions. If this...
Apache Airflow: Sensitive configuration for providers displayed when "non-sensitive-only" config used
Airflow versions 2.7.0 through 2.8.4 have a vulnerability that allows an authenticated user to see sensitive provider configuration via the "configuration" UI page when "non-sensitive-only" was set as "webserver.exposeconfig" configuration The celery provider is the only community provider...
CVE-2024-31869
The CVE affects Apache Airflow 2.7.0–2.8.4, where an authenticated user can view sensitive provider configuration on the configuration UI if webserver.expose_config is set to non-sensitive-only; the Celery provider is noted as having sensitive configurations. Impact is information disclosure via ...
CVE-2024-27279
Directory traversal vulnerability exists in a-blog cms Ver.3.1.x series Ver.3.1.9 and earlier, Ver.3.0.x series Ver.3.0.30 and earlier, Ver.2.11.x series Ver.2.11.59 and earlier, Ver.2.10.x series Ver.2.10.51 and earlier, and Ver.2.9 and earlier versions. If this vulnerability is exploited, a use...