
18 matches found

OSV
added 19 hours ago | 3 views

ROOT-OS-DEBIAN-12-CVE-2024-40969 CVE-2024-40969 in rootio-linux - Patched by Root

Root has patched CVE-2024-40969 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...

CVSS 5.5 | AI score 7 | EPSS 0.00014
Exploits: 0
RedhatCVE
added yesterday | 5 views

CVE-2026-40969

The raw message of every server-side AuthenticationException is returned to the unauthenticated remote caller in the gRPC status description. This allows an attacker to obtain information about the authentication failure, which may be useful for further attacks. Affected versions: Spring gRPC:...

CVSS 5.3 | AI score 5.5 | EPSS 0.00061
Exploits: 0 | References: 1
vulnersOsv
added 2026/04/28 12:0 a.m. | 4 views

io.crossplane.compositefunctions:crossplane-function-example (>=1.20-alpha <=2.0.5), io.crossplane.compositefunctions:crossplane-function-springboot-starter (>=1.20-alpha <=2.0.5) +19 more potentially affected by CVE-2026-40969 via org.springframework.grpc:spring-grpc-core (>=1.0.0-RC1 <=1.0.2)

org.springframework.grpc:spring-grpc-core MAVEN version =1.0.0-RC1, =1.20-alpha, =1.20-alpha, =2026.01, =0.8.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =1.0.0, =1.0.0, =1.0.2 - org.springframew...

CVSS 5.3 | AI score 5.8 | EPSS 0.00061
Exploits: 0
RedhatCVE
added 2026/01/09 12:31 p.m. | 3 views

CVE-2023-40969

Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 is vulnerable to Server Side Request Forgery (SSRF) via admin/modules/bibliography/pop_p2p.php...

CVSS 6.1 | AI score 6.9 | EPSS 0.00094
Exploits: 1 | References: 1
Circl
added 2025/12/03 2:14 p.m. | 0 views

CVE-2024-40969

| creationtimestamp | type | source |
|---|---|---|
| 2025-12-03 14:14:49+00:00 | seen | https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8... |

CVSS 5.5 | AI score 5.8 | EPSS 0.00014
Exploits: 0 | References: 1
EUVD
added 2025/11/10 4:5 a.m. | 0 views

EUVD-2025-40969

Malicious code in tania-mendut22-miaww npm...

AI score 6.6
Exploits: 0
RedhatCVE
added 2025/05/22 6:48 p.m. | 4 views

CVE-2021-40969

Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allows remote attackers to inject arbitrary web script or HTML via the firstname parameter...

CVSS 6.1 | AI score 5.8 | EPSS 0.01286
Exploits: 1
Tenable Nessus
added 2025/03/05 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2024-40969

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: don't set RO when shutting down f2fs Shutdown does not check the error of thawsuper due to readonly, which causes a deadlock like below...

CVSS 5.5 | AI score 6 | EPSS 0.00014
Exploits: 0 | References: 3
Circl
added 2023/09/01 2:13 p.m. | 3 views

CVE-2023-40969

| creationtimestamp | type | source |
|---|---|---|
| 2023-09-01 14:13:53+00:00 | seen | https://t.me/cibsecurity/69627... |

CVSS 6.1 | AI score 6.1 | EPSS 0.00094
Exploits: 1 | References: 1
CVE
added 2023/09/01 12:0 a.m. | 40 views

CVE-2023-40969

CVE-2023-40969 - SSRF in SLIMS 9 Bulian 9.6.1 : Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 is vulnerable to Server-Side Request Forgery via admin/modules/bibliography/pop_p2p.php. Public docs consistently identify the affected component as the endpoint pop_p2p.php under the bibliogr...

CVSS 6.1 | AI score 6.2 | EPSS 0.00094
Exploits: 1 | References: 2 | Affected Software: 1
CVE
added 2023/01/26 9:24 p.m. | 57 views

CVE-2022-40969

CVE-2022-40969 (Siretta QUARTZ-GOLD) is an OS command injection vulnerability in the httpd delfile.cgi file-management endpoint. Talos reports that the delfile.cgi handler accepts a parameter named _filename, appends it to a base folder path, and then executes rm -rf / via system(), with the filen...

CVSS 8.8 | AI score 9.2 | EPSS 0.01772
Exploits: 1 | References: 2 | Affected Software: 1
Talos
added 2023/01/26 12:0 a.m. | 28 views

Siretta QUARTZ-GOLD httpd delfile.cgi OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1607 Siretta QUARTZ-GOLD httpd delfile.cgi OS command injection vulnerability January 26, 2023 CVE Number CVE-2022-40969 SUMMARY An os command injection vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020....

CVSS 8.8 | AI score 8 | EPSS 0.01772
Exploits: 1
Circl
added 2021/10/01 8:15 p.m. | 4 views

CVE-2021-40969

| creationtimestamp | type | source |
|---|---|---|
| 2021-10-01 20:15:40+00:00 | seen | https://t.me/cibsecurity/29826 |
| 2023-06-05 12:33:16+00:00 | confirmed | https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-40969.yaml... |

CVSS 6.1 | AI score 6 | EPSS 0.01286
Exploits: 1 | References: 2
NVD
added 2021/10/01 4:15 p.m. | 12 views

CVE-2021-40969

Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allows remote attackers to inject arbitrary web script or HTML via the firstname parameter...

CVSS 6.1 | EPSS 0.01286
Exploits: 1 | References: 2
UbuntuCve
added 2021/10/01 4:15 p.m. | 20 views

CVE-2021-40969

Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allows remote attackers to inject arbitrary web script or HTML via the firstname parameter...

CVSS 6.1 | AI score 6.4 | EPSS 0.01286
Exploits: 1 | References: 3
Debian CVE
added 2021/10/01 3:42 p.m. | 17 views

CVE-2021-40969

Removed by vendor...

CVSS 6.1 | AI score 6.2 | EPSS 0.01286
Exploits: 1
CVE
added 2021/10/01 3:42 p.m. | 72 views

CVE-2021-40969

CVE-2021-40969 affects Spotweb up to version 1.5.1, with a reflected XSS in templates/installer/step-004.inc.php via the firstname parameter. The Nuclei template confirms this as a reflected XSS risk in Spotweb

CVSS 6.1 | AI score 6 | EPSS 0.01286
Exploits: 1 | References: 2 | Affected Software: 1
Exploit DB
added 2016/12/26 12:0 a.m. | 47 views

PHPMailer < 5.2.19 - Sendmail Argument Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'PHPMailer Sendmail Argument Injection', 'Description' = %q PHPMailer versions up to and including 5.2.19 are affected by a...

AI score 10
Exploits: 0