14 matches found
ROOT-OS-UBUNTU-2404-CVE-2026-46121 CVE-2026-46121 in rootio-linux - Patched by Root
Root has patched CVE-2026-46121 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
DEBIAN-CVE-2026-46121
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect memcg_path kfree with damon_sysfs_lock. Patch series "mm/damon/sysfs-schemes: fix use-after-free for memcg_path". Reads of 'memcg_path' and 'path' files in DAMON sysfs interface could race with their...
CVE-2025-46121
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the functions stamgr_cfg_adpt_addStaFavourite and stamgr_cfg_adpt_addStaIot pass a client hostname directly to snprintf as the format string. A remote attacker can exploit this flaw either by sendin...
CVE-2025-46121
CVE-2025-46121 affects CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139. The flaw arises in stamgr_cfg_adpt_addStaFavourite and stamgr_cfg_adpt_addStaIot, which pass a client hostname directly to snprintf as the format string, enabling unauthenticated format-string process...
CVE-2025-46121
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the functions stamgr_cfg_adpt_addStaFavourite and stamgr_cfg_adpt_addStaIot pass a client hostname directly to snprintf as the format string. A remote attacker can exploit this flaw either by sendin...
CVE-2022-46121
Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=products/manage_product&id=...
Advisory ROSA-SA-2025-2614
software: yt-dlp 2023.09.24 WASP: ROSA-CHROME packageevrstring: yt-dlp-2023.09.24-1 CVE-ID: CVE-2023-46121 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in yt-dlp allows an attacker to perform a MITM attack and gain access to a cookie. CVE-STATUS: The vulnerability has been resolved...
openSUSE: Security Advisory for yt (openSUSE-SU-2023:0374-1)
The remote host is missing an update for the...
africanwhisper (=0.2.8), basketcase (>=1.0.5 <=3.1.1) +22 more potentially affected by CVE-2023-46121 via yt-dlp (>=2022.10.4 <=2023.10.7)
yt-dlp PYPI version =2022.10.4, =1.0.5, =0.3.0, =0.1.2, =0.3.1, =0.4.0, =0.7.0, =0.9.42, =0.14.0, =4.0.0, =1.0.5, =2022.12.4, =2023.4.15 and more Source cves: CVE-2023-46121 Source advisory: OSV:GHSA-3CH3-JHC6-5R8X...
GHSA-3CH3-JHC6-5R8X yt-dlp Generic Extractor MITM Vulnerability via Arbitrary Proxy Injection
Impact The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie exfiltration in some cases. To pass extra control data between...
CVE-2023-46121
CVE-2023-46121 – yt-dlp Generic Extractor MitM vulnerability affects the yt-dlp project (a fork of youtube-dl) where the Generic Extractor could be fed an arbitrary proxy via a crafted URL, enabling a man-in-the-middle on the HTTP session and potential cookie exfiltration. Technical details acros...
CVE-2022-46121
creationtimestamp | type | source
---|---|---
2022-12-14 20:23:24+00:00 | seen | https://t.me/cibsecurity/54545
2025-04-22 14:03:45+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/12852...
CVE-2022-46121
Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=products/manage_product&id=...
CVE-2022-46121
CVE-2022-46121 affects Helmet Store Showroom Site v1.0. A SQL injection vulnerability exists in the admin risk path: /hss/admin/?page=products/manage_product&id=, due to unsanitized user input. CVSS v3.1 metrics indicate a HIGH severity (7.2) with network attack vector, low attack complexity, and...