HashiCorp Vagrant 2.2.10 < 2.4.7 Code Injection (macOS)

The version of HashiCorp Vagrant installed on the remote host is 2.2.10 prior to 2.4.7. It is, therefore, is affected by a code injection vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 8090...

CVE-2025-34075

creationtimestamp| type| source ---|---|--- 2025-07-02 21:26:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsz5pkaxav2r...

CVE-2025-34075

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Initially assigned to document an issues that allows guest VM to modify the host’s Vagrantfile via default synced folder, leading to host-side code execution. Rejected as CVE due to documented, intended...

CVE-2024-34075

kurwov is a fast, dependency-free library for creating Markov Chains. An unsafe sanitization of dataset contents on the MarkovDatagetNext method used in Markovgenerate and Markovchoose allows a maliciously crafted string on the dataset to throw and stop the function from running properly. If a...

CVE-2024-34075

creationtimestamp| type| source ---|---|--- 2024-05-03 20:30:38+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-hfrv-h3q8-9jpr...

CVE-2024-34075

kurwov is a fast, dependency-free library for creating Markov Chains. An unsafe sanitization of dataset contents on the MarkovDatagetNext method used in Markovgenerate and Markovchoose allows a maliciously crafted string on the dataset to throw and stop the function from running properly. If a...

CVE-2024-34075

CVE-2024-34075 (kurwov) affects the Markov chain library kurwov. A flaw in the unsafe sanitization in MarkovData#getNext (used by Markov#generate and Markov#choose) lets a crafted dataset string bypass sanitization when it contains the forbidden substring "proto " followed by a space, by manipula...

CVE-2021-34075

In Artica Pandora FMS =754 in the File Manager component, there is sensitive information exposed on the client side which attackers can access...

CVE-2021-34075

In Artica Pandora FMS, the vulnerability CVE-2021-34075 affects the File Manager component in versions for Pandora FMS 754 and earlier, where sensitive information is exposed on the client-side. The root cause is an information-disclosure flaw in the File Manager, allowing attackers to access sen...

WordPress MU wp-includes/wpmu-functions.php模块跨站脚本漏洞

BUGTRAQ ID: 34075 WordPress MU允许在单个wordpress安装上运行多个博客。 WordPress MU的chooseprimaryblog函数没有正确地过滤Host头。以下是wp-includes/wpmu-functions.php中的有漏洞代码段： 1830 function chooseprimaryblog 1831 global $currentuser; 1832 ? 1833 table class="form-table" 1834 tr 1835 th scope="row"?php e'Primary Blog'; ?/th 1836 ...