Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel before version 5.13.6, the drivers/usb/host/max3421-hcd.c file allowed physically nearby attackers to cause a denial of service including use-after-free errors and panic conditions by removing a MAX-3421 USB device under certain circumstances...

EUVD-2026-3421

IBM Sterling Connect:Direct for UNIX Container 6.3.0.0 through 6.3.0.6 Interim Fix 016, and 6.4.0.0 through 6.4.0.3 Interim Fix 019 IBM® Sterling Connect:Direct for UNIX contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication,...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001558)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001558 advisory. drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service use-after-free and panic by...

EUVD-2021-24662

Malware in sbrugna...

EUVD-2025-20359

Malicious code in bioql PyPI...

ECHO-3421-28F1-F2D2

Bulletin has no description...

CVE-2025-20693

In wlan STA driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09812521; Issue ID: MSV-34...

CVE-2022-3421

An attacker can pre-create the /Applications/Google\ Drive.app/Contents/MacOS directory which is expected to be owned by root to be owned by a non-root user. When the Drive for Desktop installer is run for the first time, it will place a binary in that directory with execute permissions and set i...

WordPress Everest Forms plugin <= 3.1.1 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by mikemyers in WordPress Plugin Everest Forms versions = 3.1.1...

CVE-2025-3421

creationtimestamp| type| source ---|---|--- 2025-04-11 15:37:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmkdyc2kc42a 2025-04-11 16:27:15+00:00| seen| https://t.me/cvedetector/22748...

CVE-2025-3421 Everest Forms <= 3.1.1 - Reflected Cross-Site Scripting

The Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'formid' parameter in all versions up to, and including, 3.1.1 due to insufficient input sanitization and output escaping...

CVE-2025-3421 Everest Forms <= 3.1.1 - Reflected Cross-Site Scripting

The Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'formid' parameter in all versions up to, and including, 3.1.1 due to insufficient input sanitization and output escaping...

CVE-2025-3421

The CVE-2025-3421 entry concerns the Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin. Affected: WordPress plugin Everest Forms versions up to and including 3.1.1. Issue: Reflected Cross-Site Scripting via the form_id parameter due to insufficient...

Linux Distros Unpatched Vulnerability : CVE-2014-3421

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary fil...

openSUSE Security Advisory (SUSE-SU-2024:3421-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 7 : emacs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - emacs: multiple temporary file issues CVE-2014-3424 - emacs: command execution via shell metacharacters...

RHEL 9 : kernel (RHSA-2024:3421)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3421 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Marvin vulnerability...

CVE-2024-3421

A vulnerability was found in SourceCodester Online Courseware 1.0. It has been classified as critical. This affects an unknown part of the file admin/deactivatestud.php. The manipulation of the argument selector leads to sql injection. It is possible to initiate the attack remotely. The exploit h...

CVE-2024-3421 SourceCodester Online Courseware deactivatestud.php sql injection

A vulnerability was found in SourceCodester Online Courseware 1.0. It has been classified as critical. This affects an unknown part of the file admin/deactivatestud.php. The manipulation of the argument selector leads to sql injection. It is possible to initiate the attack remotely. The exploit h...

CVE-2024-3421 SourceCodester Online Courseware deactivatestud.php sql injection

A vulnerability was found in SourceCodester Online Courseware 1.0. It has been classified as critical. This affects an unknown part of the file admin/deactivatestud.php. The manipulation of the argument selector leads to sql injection. It is possible to initiate the attack remotely. The exploit h...