CVE-2026-30662

ConcreteCMS v9.4.7 contains a Denial of Service DoS vulnerability in the File Manager component. The 'download' method in 'concrete/controllers/backend/file.php' improperly manages memory when creating zip archives. It uses 'ZipArchive::addFromString' combined with 'filegetcontents', which loads...

concretecms 资源管理错误漏洞

ConcreteCMS is an open-source content management system developed by Concrete. Version 9.4.7 of ConcreteCMS contains a vulnerability related to resource management. This vulnerability stems from improper memory management during the creation of zip archives by the file manager component, which ma...

OPENSUSE-SU-2024:12855-1 grafana-9.4.7-1.1 on GA media

These are all security issues fixed in the grafana-9.4.7-1.1 package on the GA media of openSUSE Tumbleweed...

Grafana < 8.5.22, 9.2.x < 9.2.15, 9.3.x < 9.3.11, 9.4.x < 9.4.7 XSS Vulnerability (GHSA-qrrg-gw7w-vp76)

Grafana is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:grafana:grafana"; i...

Drupal 9.4.x < 9.4.7 Third-Party Library Vulnerability

According to its self-reported version, the instance of Drupal running on the remote web server is 9.3.x prior to 9.3.22 or 9.4.x prior to 9.4.7. Drupal uses the Twig third-party library for content templating and sanitization. Multiple vulnerabilities are possible if an untrusted user has access...

Drupal Multiple Vulnerabilities (SA-CORE-2022-016) - Windows

Drupal is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Gentoo Security Advisory GLSA 201201-19 (acroread)

The remote host is missing updates announced in advisory GLSA 201201-19. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

acroread (important)

Acrobat Reader was updated to version 9.4.7 to fix security issues CVE-2011-2462, CVE-2011-4369...

Critical: Red Hat Security Advisory: acroread security update

Updated acroread packages that fix two security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS...