820 matches found
WordPress plugin Embed Calendly 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...
PT-2026-36050
Name of the Vulnerable Software and Affected Versions Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 Description An infinite loop in the SMB2 protocol dissector can lead to a denial of service. Recommendations Update Wireshark versions 4.6.0 through 4.6.4 to a...
Astra Linux - уязвимость в wireshark
SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service...
SUSE CVE-2026-3203
RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service...
CVE-2026-2903 skvadrik re2c ast.cc check_and_merge_special_rules null pointer dereference
A flaw has been found in skvadrik re2c up to 4.4. Impacted is the function checkandmergespecialrules of the file src/parse/ast.cc. This manipulation causes null pointer dereference. The attack can only be executed locally. The exploit has been published and may be used. Patch name:...
CVE-2021-47908 Ultimate POS 4.4 Persistent Cross-Site Scripting via Product Name
Ultimate POS 4.4 contains a persistent cross-site scripting vulnerability in the product name parameter that allows remote attackers to inject malicious scripts. Attackers can exploit the vulnerability through product add or edit functions to execute arbitrary JavaScript and potentially hijack us...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004160)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004160 advisory. An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if kascii is called several times in a row, aka...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004261)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004261 advisory. An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if kascii is called several times in a row, aka...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002020)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002020 advisory. Memory leak in the cusechannelrelease function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service memory consumption or...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003162)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003162 advisory. In /drivers/isdn/i4l/isdnnet.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer...
CVE-2025-67685
A Server-Side Request Forgery SSRF vulnerability CWE-918 vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.4, FortiSandbox 4.4 all versions, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an authenticated attacker to proxy internal requests limited to plaintext...
Wireshark 缓冲区错误漏洞
Wireshark formerly Ethereal is a suite of network packet analysis software from the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A buffer error vulnerability exists in Wireshark versions 4.6.0 through 4.6.2 and 4.4.0 through...
CVE-2020-12141
An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier allows an attacker to cause a denial of service and potentially disclose information via crafted SNMP packets to snmpberdecodestringlenbuffer in os/net/app-layer/snmp/snmp-ber.c...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000461)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000461 advisory. In the Linux kernel 4.4 through 5.7.6, usbtestdisconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770. Tenable has extracted the preceding...
CVE-2025-14847
Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 versions, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3,...
AZL-71213 CVE-2025-13946 affecting package wireshark 4.4.7-1
MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of service...
Wireshark Security Update (wnpa-sec-2025-04) - Linux
Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...
Wireshark Security Update (wnpa-sec-2025-04) - Windows
Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...
EUVD-2018-9689
Malware in sbrugna...
EUVD-2014-3661
Malware in sbrugna...