1699 matches found
CVE-2023-54349
AmazCart CMS 3.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search functionality. Attackers can enter script tags in the search box to execute arbitrary JavaScript that fires when...
Astra Linux - vulnerability in symfony
Symfony is a PHP framework for web and console applications, along with a set of reusable PHP components. The ability to enumerate users was possible without requiring relevant permissions, as the handling differed depending on whether the user existed or not when trying to use the “switch users”...
Security Bulletin: IBM SPSS Analytic Server is affected by a jackson-core async parser DoS vulnerability (WS-2026-0003)
Summary IBM SPSS Analytic Server is affected by a jackson-core async parser DoS vulnerability WS-2026-0003. This has been addressed in the remediation section. Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength...
EUVD-2023-60574
AmazCart CMS 3.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search functionality. Attackers can enter script tags in the search box to execute arbitrary JavaScript that fires when...
CVE-2023-54349 AmazCart CMS 3.4 Reflected Cross-Site Scripting via Search
AmazCart CMS 3.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search functionality. Attackers can enter script tags in the search box to execute arbitrary JavaScript that fires when...
RHCOS 3 : OpenShift Container Platform 3.4 (RHSA-2018:3752)
The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3752 advisory. - kubernetes: authentication/authorization bypass in the handling of non-101 responses CVE-2018-1002105 Note that Nessus has not tested for...
Astra Linux - vulnerability in wireshark
Improper URL handling in Wireshark versions 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 may allow for remote code execution through packet injection or crafted capture files...
JLSEC-2026-261 Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter...
Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading ...
CVE-2026-39324 vulnerabilities
Vulnerabilities for packages: ruby3.3-rails, logstash, ruby3.2-rails, pact-broker-docker-fips, pact-broker-docker, ruby3.4-rails, ruby4.0-rails...
GHSA-QV7J-4883-HWH7 vulnerabilities
Vulnerabilities for packages: logstash, ruby3.2-rails, gitlab-rails-ce, gitlab-rails-ce-fips, pact-broker-docker-fips, pact-broker-docker, ruby3.4-rails, gitlab-cng...
CVE-2026-34831 vulnerabilities
Vulnerabilities for packages: logstash, ruby3.2-rails, gitlab-rails-ce, gitlab-rails-ce-fips, pact-broker-docker-fips, pact-broker-docker, ruby3.4-rails, gitlab-cng...
CVE-2026-26961 vulnerabilities
Vulnerabilities for packages: logstash, ruby3.2-rails, gitlab-rails-ce, gitlab-rails-ce-fips, pact-broker-docker-fips, pact-broker-docker, ruby3.4-rails, gitlab-cng...
CVE-2018-25253 Termite 3.4 Denial of Service via Settings Buffer Overflow
Termite 3.4 contains a buffer overflow vulnerability in the User interface language settings field that allows local attackers to cause a denial of service by supplying an excessively long string. Attackers can paste a 2000-byte payload into the Settings User interface language field to crash the...
CVE-2018-25253
Termite 3.4 contains a local denial-of-service vulnerability caused by a buffer overflow in the Settings -> User interface language settings field. A 2000-byte payload can crash the application, indicating a vulnerable input handling path in the UI language setting. The available sources descr...
Compuphase Termite buffer error vulnerability
Compuphase Termite is a serial terminal tool developed by the Dutch company Compuphase. Version 3.4 of Compuphase Termite contains a buffer overflow vulnerability. This vulnerability stems from an issue with the user interface language settings field, which may lead to local attackers causing the...
PT-2026-30373
Termite 3.4 contains a buffer overflow vulnerability in the User interface language settings field that allows local attackers to cause a denial of service by supplying an excessively long string. Attackers can paste a 2000-byte payload into the Settings User interface language field to crash the...
Python Library OpenEXR 3.4.x < 3.4.7 Heap Buffer Overflow (OOB Read)
The version of the OpenEXR Python package installed on the remote host is 3.4.x prior to 3.4.7. It is, therefore, affected by a heap buffer overflow vulnerability: - A heap-buffer-overflow out-of-bounds read occurs in the HTJ2K decoder in OpenEXR when copying decompressed samples from OpenJPH...
K000160557: OpenSSL vulnerability CVE-2025-69418
Security Advisory Description Issue summary: When using the low-level OCB API directly with AES-NI or other hardware-accelerated code paths, inputs whose length is not a multiple of 16 bytes can leave the final partial block unencrypted and unauthenticated. Impact summary: The trailing 1-15 bytes...
CVE-2026-33658 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce, gitlab-rails-ce-fips, ruby3.4-rails...