49 matches found
Fedora 43 : valkey (2026-76cf27ea56)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-76cf27ea56 advisory. Version 8.1.7 Security fixes - CVE-2026-23479 Use-After-Free in unblock client flow - CVE-2026-25243 Invalid Memory Access in RESTORE command -...
jetAudio Buffer Error Vulnerability
JetAudio is a multimedia player software developed by the JetAudio company. Version 8.1.7 of JetAudio contains a buffer overflow vulnerability. This vulnerability stems from a buffer overflow in the file name field of the video conversion component. It could allow local attackers to trigger the...
PT-2026-26907
jetAudio 8.1.7 contains a buffer overflow vulnerability in the video converter component that allows local attackers to crash the application by supplying an oversized string in the File Naming field. Attackers can paste a malicious buffer of 512 bytes into the File Naming parameter and trigger t...
CVE-2021-33845
The Splunk Enterprise REST API allows enumeration of usernames via the lockout error message. The potential vulnerability impacts Splunk Enterprise instances before 8.1.7 when configured to repress verbose login errors...
EUVD-2024-28406
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-33933
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server. This issue affects Apache Traffic...
Ergon Informatik AG Airlock IAM Security Vulnerability
Ergon Informatik AG Airlock IAM is a secure access management system from Ergon Informatik AG, Switzerland. A security vulnerability exists in Ergon Informatik AG Airlock IAM, which stems from a difference in password reset time and could lead to username enumeration. The following versions are...
CVE-2025-1230
Stored Cross-Site Scripting (XSS) vulnerability in Prestashop 8.1.7, due to the lack of proper validation of user input through ‘//index.php’, affecting the ‘link’ parameter. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their cook...
CVE-2025-1230 Cross-Site Scripting (XSS) vulnerability in Prestashop
Stored Cross-Site Scripting (XSS) vulnerability in Prestashop 8.1.7, due to the lack of proper validation of user input through ‘//index.php’, affecting the ‘link’ parameter. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their cook...
PT-2025-6866 · Unknown · Prestashop
Name of the Vulnerable Software and Affected Versions: Prestashop version 8.1.7 Description: The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability due to the lack of proper validation of user input. This affects the link parameter through the /index.php endpoint, specifically in...
BIT-PRESTASHOP-2024-41651
An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via the module upgrade functionality. NOTE: this is disputed by multiple parties, who report that exploitation requires that an attacker be able to hijack network requests made by an admin user who, by...
CVE-2024-41651
An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via the module upgrade functionality. NOTE: this is disputed by multiple parties, who report that exploitation requires that an attacker be able to hijack network requests made by an admin user who, by...
CVE-2024-30486
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Max Foundry Media Library Folders. This issue affects Media Library Folders: from n/a through 8.1.7...
CVE-2024-30486
CVE-2024-30486 is an authenticated SQL injection in the WordPress plugin Media Library Folders (Media Library Folders: 8.1.7 and earlier). The issue arises from improper neutralization of input in SQL commands, enabling an attacker with Author+ or higher permissions to manipulate queries. The vul...
OESA-2023-1974 trafficserver security update
Apache Traffic Server is an open-source HTTP / HTTPS / HTTP/2 / QUIC reverse, forward and transparent proxy and cache. Security Fixes: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server. This issue affects Apache Traffic...
PT-2023-25172 · Knowage · Knowage
Name of the Vulnerable Software and Affected Versions: Knowage versions 6.0.0 through 8.1.7 Description: The issue allows an attacker to register and activate their account without having to click on the link included in the email, giving them access to the application as a normal user...
CVE-2023-30631 Apache Traffic Server: Configuration option to block the PUSH method in ATS didn't work
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server. The configuration option proxy.config.http.push_method_enabled didn't function. However, by default the PUSH method is blocked in the ip_allow configuration file. This issue affects Apache Traffic Server:...
Remote code execution
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdo_mysql extension with mysqlnd driver, if the third party is allowed to supply host to connect to and the password for the connection, password of excessive length can trigger a buffer overflow in PHP, which can...
PHP < 7.4.30, 8.0.x < 8.0.20, 8.1.x < 8.1.7 Multiple Vulnerabilities (Jun 2022) - Windows
PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:php:php"; if description...