58 matches found

Vulnrichment
added 2026/05/27 8:37 a.m. · 3 views

CVE-2025-12686

Buffer copy without checking size of input 'Classic Buffer Overflow' vulnerability in AdminCenter in Synology BeeStation OS before 1.3.2-65648 allows remote attackers to execute arbitrary code via unspecified vectors...

CVSS 9.8 · AI score 7.8 · EPSS 0.00269
Exploits: 0 · References: 1

CVE
added 2026/05/27 8:26 a.m. · 9 views

CVE-2024-11399

CVE-2024-11399 affects Synology BeeDrive for Desktop (redis-server component) prior to version 1.3.2-13814. Local users can trigger a denial-of-service via unspecified vectors, with impact on availability (CVSSv3.1: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H). Root cause details are not specified in the...

CVSS 6.8 · AI score 5.8 · EPSS 0.00017
Exploits: 0 · References: 1 · Affected Software: 1

Cvelist
added 2026/05/27 8:26 a.m. · 24 views

CVE-2024-11399

Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks via unspecified vectors...

CVSS 6.8 · EPSS 0.00017
Exploits: 0 · References: 1

Github Security Blog
added 2026/05/21 8:43 p.m. · 9 views

@hulumi/policies: HULUMI-H1 SecureBucket parent spoof bypass

Impact: @hulumi/policies versions before 1.3.2 could accept spoofed SecureBucket parent evidence for HULUMI-H1, allowing policy evaluation to miss an unsafe bucket shape. Patched in 1.3.2: the validator now correlates evidence to the expected component/resource relationship and includes regressio...

AI score 5.8
Exploits: 0 · References: 2 · Affected Software: 1

CBLMariner
added 2026/03/30 3:47 p.m. · 1 views

CVE-2026-32287 affecting package terraform for versions less than 1.3.2-30

CVE-2026-32287 affecting package terraform for versions less than 1.3.2-30. A patched version of the package is available...

CVSS 7.5 · AI score 5.8 · EPSS 0.00037
Exploits: 1

RedhatCVE
added 2026/03/26 3:18 p.m. · 1 views

CVE-2026-32390

Missing Authorization vulnerability in linethemes Nanosoft nanosoft allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Nanosoft: from n/a through 1.3.2...

CVSS 5.4 · AI score 5.8 · EPSS 0.00053
Exploits: 0 · References: 1

OSV
added 2026/03/15 5:55 a.m. · 1 views

OESA-2026-1584 zlib security update

Security Fixes: zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition. CVE-2026-27171...

CVSS 5.5 · AI score 5.8 · EPSS 0.00009
Exploits: 1 · References: 2

OSV
added 2026/02/18 4:16 a.m. · 1 views

AZL-78017 CVE-2026-27171 affecting package openjpeg2 2.3.1-12

zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition...

CVSS 5.5 · AI score 5.7 · EPSS 0.00009
Exploits: 1 · References: 1

OSV
added 2026/02/18 4:16 a.m. · 2 views

AZL-77985 CVE-2026-27171 affecting package blosc 1.21.6-1

zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition...

CVSS 5.5 · AI score 5.7 · EPSS 0.00009
Exploits: 1 · References: 1

OSV
added 2026/02/18 4:16 a.m. · 2 views

AZL-77993 CVE-2026-27171 affecting package fltk 1.3.5-4

zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition...

CVSS 5.5 · AI score 5.7 · EPSS 0.00009
Exploits: 1 · References: 1

CVE
added 2025/11/12 8:34 p.m. · 7 views

CVE-2025-64186

The CVE concerns the evervault-go SDK used for enclave attestation. A vulnerability in versions prior to 1.3.2 allowed incomplete attestation documents to pass validation, potentially causing a client to trust an enclave operator that does not meet integrity guarantees. The issue centers on insuf...

CVSS 8.7 · AI score 6.2 · EPSS 0.00032
Exploits: 1 · References: 3 · Affected Software: 1

CNNVD
added 2025/11/12 12:0 a.m. · 1 views

Evervault Go SDK data forgery vulnerability

Evervault Go SDK is an open source development toolkit from Evervault. A Data Forgery Issue vulnerability exists in Evervault Go SDK versions prior to 1.3.2, which stems from incomplete validation logic that could lead to trusting an enclave operator that does not meet integrity guarantees...

CVSS 8.7 · AI score 6.4 · EPSS 0.00032
Exploits: 1 · References: 4

Tenable Nessus
added 2025/08/27 12:0 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2021-21305

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CarrierWave is an open-source RubyGem which provides a simple and flexible way to upload files from Ruby applications. In CarrierWave before versions 1.3.2 and...

CVSS 8.8 · AI score 8.2 · EPSS 0.0282
Exploits: 1 · References: 2

RedhatCVE
added 2025/08/15 9:29 p.m. · 6 views

CVE-2011-10017

Snort Report versions 1.3.2 contains a remote command execution vulnerability in the nmap.php and nbtscan.php scripts. These scripts fail to properly sanitize user input passed via the target GET parameter, allowing attackers to inject arbitrary shell commands. Exploitation requires no...

CVSS 10 · AI score 7.7 · EPSS 0.63506
Exploits: 0 · References: 1

Positive Technologies
added 2025/08/13 12:0 a.m. · 3 views

PT-2025-33086 · Snort +1

Name of the Vulnerable Software and Affected Versions: Snort versions prior to 1.3.2 Description: Snort Report versions prior to 1.3.2 contain a remote command execution issue in the nmap.php and nbtscan.php scripts. These scripts do not properly sanitize user input received through the target GE...

CVSS 10 · AI score 7.1 · EPSS 0.63506
Exploits: 0 · References: 6

RedhatCVE
added 2025/05/23 2:56 a.m. · 2 views

CVE-2023-0608

Cross-site Scripting (XSS) - DOM in GitHub repository microweber/microweber prior to 1.3.2...

CVSS 6.3 · AI score 6.3 · EPSS 0.00453
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/22 4:47 p.m. · 5 views

CVE-2020-7126

A remote server-side request forgery (SSRF) vulnerability was discovered in Aruba Airwave Software versions: Prior to 1.3.2...

CVSS 5.8 · AI score 7 · EPSS 0.00206
Exploits: 0 · References: 1

CVE
added 2025/05/21 4:21 p.m. · 43 views

CVE-2025-4415

CVE-2025-4415 affects the Drupal Piwik PRO module prior to 1.3.2. The issue is described as Improper Neutralization of Input During Web Page Generation, enabling Cross-Site Scripting (XSS). Affected versions are 0.0.0 through 1.3.2, with public references indicating an authenticated XSS concern (...

CVSS 4.8 · AI score 5 · EPSS 0.00167
Exploits: 0 · References: 1 · Affected Software: 1

Patchstack
added 2025/05/14 12:0 a.m. · 5 views

Drupal Piwik PRO module < 1.3.2 - Authenticated Cross Site Scripting (XSS) vulnerability

Authenticated Cross Site Scripting (XSS) vulnerability discovered by Pierre Rudloff (prudloff) in WordPress Module Piwik PRO versions 1.3.2...

CVSS 4.8 · AI score 6.1 · EPSS 0.00167
Exploits: 0 · References: 1 · Affected Software: 1

CNNVD
added 2025/03/11 12:0 a.m. · 1 views

Ratify authorization issue vulnerability

Ratify is an artifact approval framework CNCF sandbox from Ratify open source. An authorization issue vulnerability exists in Ratify version 1.2.3 and prior to version 1.3.2 that stems from the Azure Authentication Provider not verifying that the target registry is ACR, which could lead to misuse...

CVSS 7.2 · AI score 6.4 · EPSS 0.00234
Exploits: 0 · References: 5