58 matches found
Multiple AMD products: buffer error vulnerability
AMD Ryzen is a central processing unit (CPU) developed by American semiconductor company AMD. Several AMD products have a buffer error vulnerability, which stems from improper input validation. This vulnerability may allow local attackers to read data beyond its scope, resulting in information...
CVE-2026-7040 Text::Minify::XS versions from 0.3.0 before 0.7.8 for Perl have heap overflow when processing some malformed UTF-8 characters
Text::Minify::XS versions from 0.3.0 before 0.7.8 for Perl have a heap overflow when processing some malformed UTF-8 characters. The minify functions mishandled some malformed UTF-8 characters, leading to heap corruption. Note that the minifyutf8 function is an alias for minify...
Multiple AMD products: security vulnerability
AMD Ryzen and AMD Athlon are both products of American semiconductor company AMD. AMD Ryzen is a type of central processing unit (CPU). AMD Athlon is a series of microprocessors. Several AMD products have security vulnerabilities, which stem from improper handling of input parameters and may lead t...
Multiple AMD products: security vulnerability
AMD Ryzen and others are products of American semiconductor company AMD. AMD Ryzen is a central processing unit (CPU). AMD Ryzen Master is a software tool used to manage and adjust the performance of AMD Ryzen processors. AMD Ryzen AI is an AI acceleration unit (NPU) within an AMD processor. Several...
CVE-2025-7040
creationtimestamp | type | source
---|---|---
2025-09-06 06:06:10+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3ly5j24rjh62s
2025-09-06 06:11:38+00:00 | seen | https://t.me/canyoupwnme/6923...
CVE-2025-7040
The Cloud SAML SSO plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'set_organization_settings' action of the cssohandleactions function in all versions up to, and including, 1.0.19. The handler reads client-supplied POST parameters fo...
WordPress Cloud SAML SSO plugin <= 1.0.19 - Missing Authorization to Unauthenticated Settings Modification via set_organization_settings Action vulnerability
Missing Authorization to Unauthenticated Settings Modification via set_organization_settings Action vulnerability discovered by kr0d in WordPress Plugin Cloud SAML SSO - Single Sign On Login versions <= 1.0.19...
Linux Distros Unpatched Vulnerability : CVE-2017-7040
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected...
K000151520: Python vulnerabilities CVE-2018-20852, CVE-2014-4616, and CVE-2013-7040
Security Advisory Description: CVE-2018-20852: http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server...
CVE-2020-7040
storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manually deletes that fi...
CVE-2024-7040 Improper Access Control in open-webui/open-webui
In version v0.3.8 of open-webui/open-webui, there is an improper access control vulnerability. On the frontend admin page, administrators are intended to view only the chats of non-admin members. However, by modifying the userid parameter, it is possible to view the chats of any administrator,...
Linux Distros Unpatched Vulnerability : CVE-2013-7040
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Python 2.7 before 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the abili...
Ubuntu 14.04 LTS : ConfigObj vulnerability (USN-7040-2)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-7040-2 advisory. USN-7040-1 fixed a vulnerability in ConfigObj. This update provides the corresponding update for Ubuntu 14.04 LTS. Tenable has extracted the preceding description...
Ubuntu: Security Advisory (USN-7040-1)
The remote host is missing an update for the...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : ConfigObj vulnerability (USN-7040-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7040-1 advisory. It was discovered that ConfigObj contains regex that is susceptible to catastrophic backtracking. An attacker could possibly u...
CVE-2024-22394
An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication. This issue affects only firmware version SonicOS 7.1.1-7040...
SonicOS SSL-VPN Improper Authentication
An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication. This issue affects only firmware version SonicOS 7.1.1-7040. CVE: CVE-2024-22394 Last updated: Feb. 7, 2024, 4:44...
PT-2024-1608 · Sonicwall · Sonicos
Name of the Vulnerable Software and Affected Versions: SonicWall SonicOS version 7.1.1-7040 Description: An improper authentication vulnerability has been identified in the SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication. This...
CVE-2023-7040
A vulnerability classified as problematic was found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this vulnerability is an unknown functionality of the file /file-manager/rename.php. The manipulation of the argument oldName leads to path traversal: '../filedir'. The attack can be launche...
CVE-2023-7040
CVE-2023-7040 affects codelyfe Stupid Simple CMS up to v1.2.4. The vulnerability is in /file-manager/rename.php where manipulation of the oldName argument enables path traversal to ../filedir. It can be exploited remotely and has public disclosure. The vulnerability is tracked as VDB-248689. Miti...