35 matches found
Exploit for OS Command Injection in Gerapy
CVE-2021-43857-Gerapy-v0.9.7 - login to portal as admin - add...
CVE-2023-43857
Dreamer CMS v4.1.3 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component /admin/u/toIndex...
TencentOS Server 4: ruby (TSSA-2025:0467)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0467 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2025-2150)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP13 : ruby (EulerOS-SA-2025-2140)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2025-2025)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2025-2084)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2025-2112)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP12 : ruby (EulerOS-SA-2025-2025)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is...
EulerOS 2.0 SP12 : ruby (EulerOS-SA-2025-2056)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is...
EulerOS 2.0 SP11 : ruby (EulerOS-SA-2025-1967)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is...
CVE-2025-43857 vulnerabilities
Vulnerabilities for packages: jruby, kube-fluentd-operator...
CVE-2025-43857 vulnerabilities
Vulnerabilities for packages: kube-fluentd-operator, truffleruby, jruby...
CVE-2025-43857
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is a possibility for denial of service by memory exhaustion when net-imap reads server responses. At any time while the client is connected, a maliciou...
CVE-2025-43857
creationtimestamp | type | source
---|---|---
2025-04-28 16:11:07+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/13695
2025-04-28 19:50:29+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lnvjzdtx3h2s
2025-04-28 19:55:01+00:00 | seen | ...
CVE-2025-43857
Net::IMAP for Ruby is vulnerable to denial of service via memory exhaustion when processing server responses containing a literal byte count. A malicious server can trigger the client’s receiver thread to allocate memory for the indicated size, potentially exhausting memory during any active conn...
CVE-2025-43857 net-imap rubygem vulnerable to possible DoS by memory exhaustion
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is a possibility for denial of service by memory exhaustion when net-imap reads server responses. At any time while the client is connected, a maliciou...
CVE-2025-43857 net-imap rubygem vulnerable to possible DoS by memory exhaustion
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is a possibility for denial of service by memory exhaustion when net-imap reads server responses. At any time while the client is connected, a maliciou...
CVE-2024-43857 affecting package kernel for versions less than 6.6.64.2-9
CVE-2024-43857 affecting package kernel for versions less than 6.6.64.2-9. A patched version of the package is available...
SUSE CVE-2024-43857
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null reference error when checking end of zone. This patch fixes a potentially null pointer being accessed by is_end_zone_blkaddr() that checks the last block of a zone when f2fs is mounted as a single device...