37 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-41259
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SWUpdate before 2026.05 is affected by a time-of-check time-of-use TOCTOU race condition that allows local unprivileged attackers to escalate privileges to root...
CVE-2025-41259
creationtimestamp| type| source ---|---|--- 2026-06-03 13:05:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnf6ezoyow2d 2026-06-04 11:39:39+00:00| seen| https://bsky.app/profile/cybersecinsight.bsky.social/post/3mnhjzwy4m42p...
CVE-2026-41259
creationtimestamp| type| source ---|---|--- 2026-04-23 21:26:07+00:00| published-proof-of-concept| Telegram/wY3PGk1V7kusFG8GbDK0g0CtGhXXIm9UsDC-frBku-7BiY...
CVE-2026-41259
Mastodon is a free, open-source social network server based on ActivityPub. Prior to v4.5.9, v4.4.16, and v4.3.22, Mastodon allows restricting new user sign-up based on e-mail domain names, and performs basic validation on e-mail addresses, but fails to restrict characters that are interpreted...
CVE-2026-41259 Mastodon: Insufficient verification of email addresses
Mastodon is a free, open-source social network server based on ActivityPub. Prior to v4.5.9, v4.4.16, and v4.3.22, Mastodon allows restricting new user sign-up based on e-mail domain names, and performs basic validation on e-mail addresses, but fails to restrict characters that are interpreted...
CVE-2024-41259
Use of insecure hashing algorithm in the Gravatar's service in Navidrome v0.52.3 allows attackers to manipulate a user's account information...
CVE-2023-41259
Best Practical Request Tracker RT before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call...
CVE-2022-41259
SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server by crashing the server with some queries that use an ARRAY constructor...
CVE-2024-41259
creationtimestamp| type| source ---|---|--- 2024-08-01 23:47:20+00:00| seen| https://t.me/cvedetector/2270...
CVE-2024-41259
Use of insecure hashing algorithm in the Gravatar's service in Navidrome v0.52.3 allows attackers to manipulate a user's account information...
CVE-2024-41259
Use of insecure hashing algorithm in the Gravatar's service in Navidrome v0.52.3 allows attackers to manipulate a user's account information...
CVE-2024-41259
Use of insecure hashing algorithm in the Gravatar's service in Navidrome v0.52.3 allows attackers to manipulate a user's account information...
USN-6529-1: Request Tracker vulnerabilities
It was discovered that Request Tracker incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. CVE-2021-38562, CVE-2022-25802, CVE-2023-41259,...
Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Request Tracker vulnerabilities (USN-6529-1)
The remote Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6529-1 advisory. It was discovered that Request Tracker incorrectly handled certain inputs. If a user or an automated system were...
CVE-2023-41259
Best Practical Request Tracker RT before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call...
CVE-2023-41259
Best Practical Request Tracker RT before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call...
CVE-2023-41259
Best Practical Request Tracker RT before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call...
CVE-2023-41259
Best Practical Request Tracker RT before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call...
CVE-2023-41259
CVE-2023-41259 affects Best Practical Request Tracker (RT) prior to 4.4.7 and RT 5.x prior to 5.0.5, allowing Information Disclosure via fake or spoofed RT email headers in an email message or in the mail-gateway REST API call. The underlying issue is unvalidated email headers accepted by RT, ena...
Debian: Security Advisory (DLA-3642-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...