Siemens APE1808 Incorrect Provision of Specified Functionality (CVE-2025-58325)

An Incorrect Provision of Specified Functionality vulnerability CWE-684 in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2.5 through 7.2.10, 7.0.0 through 7.0.15, 6.4 all versions may allow a local authenticated attacker to execute system commands via crafted CLI commands. This plugin only works with...

Malicious code in elf-stats-northbound-wishlist-684 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b86f3f7c9925afd2dd883f5f74744cb30475159cbc8d0631c56a8d67855130eb The package elf-stats-northbound-wishlist-684 was found to contain malicious code...

MAL-2025-192108 Malicious code in elf-stats-northbound-wishlist-684 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b86f3f7c9925afd2dd883f5f74744cb30475159cbc8d0631c56a8d67855130eb The package elf-stats-northbound-wishlist-684 was found to contain malicious code...

CVE-2025-58325

An Incorrect Provision of Specified Functionality vulnerability CWE-684 in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2.5 through 7.2.10, 7.0.0 through 7.0.15, 6.4 all versions may allow a local authenticated attacker to execute system commands via crafted CLI commands...

OSV-2025-684 Heap-buffer-overflow in TGAHandler::read

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=440585455 Crash type: Heap-buffer-overflow WRITE 4 Crash state: TGAHandler::read kimgiofuzzer.cc...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an insufficient length of the computed message payload 684...

CVE-2024-23903

Jenkins GitLab Branch Source Plugin 684.veafa7c1e2fe3 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins GitLab Branch Source Plugin 684.veafa7c1e2fe3 and earlier allows attackers to connect to an attacker-specified URL...

CVE-2024-23903

Jenkins GitLab Branch Source Plugin 684.veafa7c1e2fe3 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

ibm.com XSS vulnerability

Vulnerable URL: https://www.ibm.com/blogs/southeast-europe/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alertOPENBUGBOUNTY Details: Description| Value ---|--- Patched:| Yes, at 01.06.2016 Latest check for patch:| 01.06.2016 01:12 GMT Vulnerability type:| XSS Vulnerability...

Amazon Linux: Security Advisory (ALAS-2016-684)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 8.10 : clamav vulnerability (USN-684-1)

Ilja van Sprundel discovered that ClamAV did not handle recursive JPEG information. If a remote attacker sent a specially crafted JPEG file, ClamAV would crash, leading to a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubunt...

Ubuntu: Security Advisory (USN-684-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-684-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...