1720 matches found
MiracleLinux 4 : rh-python34-python-3.4.2-14.AXS4 (AXSA:2016-651:01)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-651:01 advisory. Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially ho...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001299)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001299 advisory. The udlfbmmap function in drivers/gpu/drm/udl/udlfb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing loc...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002321)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002321 advisory. In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption. Tenable has...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003541)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003541 advisory. The udlfbmmap function in drivers/gpu/drm/udl/udlfb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing loc...
CVE-2023-4950
The Interactive Contact Form and Multi Step Form Builder WordPress plugin before 3.4 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks...
CVE-2025-67721 Aircompressor's Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer
Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java. In versions 3.3 and below, incorrect handling of malformed data in Java-based decompressor implementations for Snappy and LZ4 allow remote attackers to read previous buffer contents via...
PT-2025-51030
Name of the Vulnerable Software and Affected Versions Aircompressor versions 3.3 and below Description Aircompressor is a Java library providing ports of Snappy, LZO, LZ4, and Zstandard compression algorithms. Incorrect handling of malformed data in the Java-based decompressor implementations for...
CVE-2025-62999
Missing Authorization vulnerability in themezaa Litho Addons litho-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Litho Addons: from n/a through = 3.5...
CVE-2025-62999
CVE-2025-62999 affects the WordPress Litho Addons plugin (themezaa Litho Addons) up to version 3.4. Root cause: missing/incorrectly configured authorization leading to broken access control. Impact described as exploitation of access control security levels without details on specific vectors or ...
PT-2025-50024
Missing Authorization vulnerability in themezaa Litho Addons litho-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Litho Addons: from n/a through = 3.4...
CVE-2025-13397
A security vulnerability has been detected in mrubyc up to 3.4. This impacts the function mrbcrawrealloc of the file src/alloc.c. Such manipulation of the argument ptr leads to null pointer dereference. An attack has to be approached locally. The name of the patch is...
CVE-2025-64048
YCCMS 3.4 contains a stored cross-site scripting XSS vulnerability in the article management functionality. The vulnerability exists in the add and getPost functions within the ArticleAction.class.php file due to improper neutralization of user input in the article title field...
dev.savantly.nexus:agents-module (=3.4.0), dev.savantly.nexus:common-types-module (=3.4.0) +152 more potentially affected by CVE-2025-64408 via org.apache.causeway.core:causeway-applib (>=2.0.0-RC1 <=3.4.0)
org.apache.causeway.core:causeway-applib MAVEN version =2.0.0-RC1, =3.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.causeway.core:causeway-applib and may be impacted: - dev.savantly.nexus:agents-module =3.4.0 -...
mruby/c 代码问题漏洞
mruby/c is a C language library in the ITOC mruby/c team.open source. A code issue vulnerability exists in mruby/c version 3.4 and earlier, which stems from improper manipulation of the parameter ptr to function mrbcrawrealloc in file src/alloc.c, which may result in a null pointer dereference...
CVE-2025-63829
eProsima Fast-DDS v3.3 and before has an infinite loop vulnerability caused by integer overflow in the Timet:: fraction function...
CVE-2025-27712
Improper neutralization for some IntelR Neural Compressor software before version v3.4 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This...
CVE-2025-64181
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.5 and 3.4.0 through 3.4.2, while fuzzing openexrexrcheckfuzzer, Valgrind reports a conditional branch depending on...
CVE-2025-64182
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, a memory safety bug in the legacy OpenEXR Python adapter the deprecated...
CVE-2025-64181
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.5 and 3.4.0 through 3.4.2, while fuzzing openexrexrcheckfuzzer, Valgrind reports a conditional branch depending on...
CVE-2025-60215
Deserialization of Untrusted Data vulnerability in designthemes Kriya kriya allows Object Injection.This issue affects Kriya: from n/a through = 3.4...