CVE-2025-15437 LigeroSmart Environment Variable cross site scripting

A vulnerability was found in LigeroSmart up to 6.1.24. This affects an unknown part of the component Environment Variable Handler. Performing a manipulation of the argument REQUESTURI results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could...

CVE-2025-15437

A vulnerability was found in LigeroSmart up to 6.1.24. This affects an unknown part of the component Environment Variable Handler. Performing a manipulation of the argument REQUESTURI results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could...

LigeroSmart 代码注入漏洞

LigeroSmart is a management platform for LigeroSmart open source. A code injection vulnerability exists in LigeroSmart versions 6.1.24 and earlier, which stems from the incorrect manipulation of the parameter REQUESTURI in the component Environment Variable Handler, and could lead to a cross-site...

PT-2026-1060

Name of the Vulnerable Software and Affected Versions LigeroSmart versions up to 6.1.24 Description A flaw exists in the Environment Variable Handler component of LigeroSmart. Manipulation of the REQUEST URI argument can lead to cross-site scripting. The issue may be exploited remotely. The explo...

VMware Spring Framework < 5.3.46, 6.0.x < 6.1.24, 6.2.x < 6.2.12 CSRF Vulnerability - Windows

The VMware Spring Framework is prone to a STOMP cross-site request forgery CSRF vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

PT-2025-38452

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.24-syzkaller Description A flaw was discovered in the Linux kernel related to the handling of VLAN packets. Specifically, the use of pskb may pull instead of skb header pointer in certain functions could lead...

Linux Distros Unpatched Vulnerability : CVE-2021-2443

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.24. Easily...

openSUSE 15 Security Update : virtualbox (openSUSE-SU-2021:1114-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1114-1 advisory. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Pri...

Security update for virtualbox (important)

openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2021:1114-1 Rating: important References: 1188045 1188105 1188535 1188536 1188537 1188538 Cross-References: CVE-2021-2409 CVE-2021-2442 CVE-2021-2443 CVE-2021-2454 CVSS scores: CVE-2021-2409 NVD : 8.2...

OPENSUSE-SU-2021:1092-1 Security update for virtualbox

This update for virtualbox fixes the following issues: Version bump to 6.1.24 released July 20 2021 by Oracle This is a maintenance release. The following items were fixed and/or added: - Storage: Fixed starting a VM if a device is attached to a VirtIO SCSI port higher than 30 bug 20213 - Storage...

Oracle VirtualBox Security Update (cpujul2021) - Mac OS X

This host is missing a security update according to Oracle. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:vmvirtualbox";...

Updated virtualbox packages fix security vulnerability

This update provides the upstream 6.1.24 maintenance release that fixes at least the following security vulnerabilities: An easily exploitable vulnerability in the Oracle VM VirtualBox component: Core prior to 6.1.24 allows high privileged attacker with logon to the infrastructure where Oracle VM...

Oracle VM VirtualBox has an unspecified vulnerability (CNVD-2021-54711)

Oracle VM VirtualBox is a powerful cross-platform virtualization software for x86 systems.A security vulnerability exists in the Core component of Oracle VM VirtualBox versions prior to 6.1.24. An attacker could exploit this vulnerability to cause the product to hang or crash frequently...

CVE-2021-2442

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

CVE-2021-2409

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

Buffer overflow

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.24. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...

UBUNTU-CVE-2021-2454

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.24. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...

CVE-2021-2454

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.24. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...

Oracle VM VirtualBox输入验证错误漏洞

Oracle VM VirtualBox is a cross-platform virtualization software for x86 systems. A security vulnerability exists in the Core component of Oracle VM VirtualBox versions prior to 6.1.24. An attacker could exploit the vulnerability to take over the product...