14 matches found
CVE-2025-13151 affecting package gnutls for versions less than 3.7.11-6
CVE-2025-13151 affecting package gnutls for versions less than 3.7.11-6. A patched version of the package is available...
CVE-2025-68471
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending 2 unsolicited announcements with CNAME resource records 2 seconds apart...
CVE-2025-61811 ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. A high privileged attacker could leverage this vulnerability to bypass security measures and execute...
Advisory ROSA-SA-2025-3063
Software: libarchive 3.3.3 OS: ROSA Virtualization 2.1 unaffected versions = libarchive-3.3.3.3-6.0.1.rv3 affected versions libarchive-3.3.3.3-6.0.1.rv3 CVE-ID: CVE-2025-5914 BDU-ID: CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the archivereadformatrarseekdata function of the Libarchive...
Advisory ROSA-SA-2025-3061
Software: emacs 26.1 OS: ROSA Virtualization 2.1 unaffected versions = emacs-26.1-15.rv3 affected versions emacs-26.1-15.rv3 CVE-ID: CVE-2024-53920 BDU-ID: CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the elisp-completion-at-point and elisp-flymake-byte-compile function of the ELisp mode of...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: mysql (UTSA-2025-986152)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986152 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Federated. Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prio...
UTT 1250GW 安全漏洞
The UTT 1250GW is a wireless router from China Aitai UTT. A security vulnerability exists in UTT 1250GW v2v3.2.2-200710 and earlier versions, which stems from an incorrect manipulation of the parameter Username in the file /goform/formUserStatusRemark, which could result in a buffer overflow...
Linux Distros Unpatched Vulnerability : CVE-2019-2797
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected are 5.7.26 and prior and 8.0.16...
PT-2025-12377
Name of the Vulnerable Software and Affected Versions Xpdf versions 4.05 and earlier Description The issue is related to an out-of-bounds array write due to incorrect integer overflow checking in the PostScript function interpreter code. Recommendations For versions 4.05 and earlier, update to a...
PT-2024-36676 · Vibebp · Vibebp
Name of the Vulnerable Software and Affected Versions: VibeBP versions prior to 1.9.9.5.1 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. The estimated number of...
SUSE CVE-2020-14559
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple...
Aruba Networks EdgeConnect Enterprise Orchestrator 跨站脚本漏洞
Aruba Networks EdgeConnect Enterprise Orchestrator is a centralized SD-WAN management solution from Aruba Networks, Inc. It provides optimization, management, automation, and real-time visibility and monitoring features for enterprise users. A cross-site scripting vulnerability exists in Aruba...
Mbed TLS 缓冲区错误漏洞
Mbed TLS is an open source, portable, easy-to-use, readable and flexible SSL library. A security vulnerability exists in Mbed TLS versions prior to 2.28.2 and Mbed TLS versions prior to 3.3.0, which stems from a potential heap-based buffer overflow and heap-based buffer overflow in DTLS if...
PT-2018-10193 · Intel +4 · Lldptool +4
Name of the Vulnerable Software and Affected Versions: lldptool versions 1.0.1 and older Description: The issue allows an attacker to inject shell control characters into a buffer, potentially impacting the behavior of the terminal, when mngAddr information is displayed. This occurs because...