CVE-2022-31291

An issue in dltconfigfileparser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets...

CVE-2024-31291

Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.6...

Alibaba Cloud Linux 3 : 0064: compat-exiv2-026 (ALINUX3-SA-2021:0064)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0064 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-31291: REJECT DO NOT USE THIS CANDIDATE...

CVE-2024-31291

creationtimestamp| type| source ---|---|--- 2025-02-06 02:42:30+00:00| seen| Telegram/7ZImlyCPBZXws5t2TEURTUZq9suLjRBeEDEGxUBLMVOrw...

CentOS 7 : compat-exiv2-023 (RHSA-2021:3234)

The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:3234 advisory. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-29457. Reason: This candidate is a duplicate of CVE-2021-29457. Notes: All CVE users...

CVE-2024-31291

Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.6...

CVE-2024-31291 WordPress ProfileGrid plugin <= 5.7.6 - IDOR on Friend Request vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.6...

CVE-2024-31291 WordPress ProfileGrid plugin <= 5.7.6 - IDOR on Friend Request vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.6...

WordPress ProfileGrid Plugin <= 5.7.6 is vulnerable to Insecure Direct Object References (IDOR)

Software ProfileGrid Type Plugin Vulnerable versions = 5.7.6 Fixed in 5.7.7 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-31291 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1fdaca4c89b3 Credits Kyle Sanchez...

NewStart CGSL CORE 5.05 / MAIN 5.05 : compat-exiv2-026 Vulnerability (NS-SA-2023-0022)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has compat-exiv2-026 packages installed that are affected by a vulnerability: - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-29457. Reason: This candidate is a duplicate of CVE-2021-29457. Notes: All...

Debian: Security Advisory (DLA-3231-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:3889-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-31291

creationtimestamp| type| source ---|---|--- 2022-10-27 16:57:24+00:00| seen| https://t.me/cibsecurity/44657...

CVE-2022-31291

An issue in dltconfigfileparser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets...

CVE-2022-31291

The CVE-2022-31291 issue affects dlt-daemon (version 2.18.8) in the dlt_config_file_parser.c component, enabling a double-free when processing crafted TCP packets. This is a network‑accessible vulnerability with high impact on availability (per CVSS v3.1). Connected sources corroborate the double...

NewStart CGSL CORE 5.04 / MAIN 5.04 : exiv2 Multiple Vulnerabilities (NS-SA-2022-0012)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has exiv2 packages installed that are affected by multiple vulnerabilities: - Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in...

NewStart CGSL CORE 5.05 / MAIN 5.05 : exiv2 Multiple Vulnerabilities (NS-SA-2022-0040)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has exiv2 packages installed that are affected by multiple vulnerabilities: - Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in...

Mageia: Security Advisory (MGASA-2021-0396)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2021-2579)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 8 : compat-exiv2-026 (CESA-2021:3153)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2021:3153 advisory. - exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp CVE-2021-31291 Note that Nessus has not tested for this issue but has instead relied only on t...