DEBIAN-CVE-2025-30204

golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious request whose...

CVE-2021-42711

Barracuda Network Access Client before 5.2.2 creates a Temporary File in a Directory with Insecure Permissions. This file is executed with SYSTEM privileges when an unprivileged user performs a repair operation...

Barracuda Network Access Client 授权问题漏洞

Barracuda Networks Barracuda Network Access Client is a suite of Windows-only applications from Barracuda Networks, Inc. It is used to control network and Vpn client access based on rules and policies. An authorization issue vulnerability exists in Barracuda Network Access Client, which arises fr...

PT-2012-1508 · Red Hat · Jboss Enterprise Portal Platform +1

Name of the Vulnerable Software and Affected Versions: JBoss Enterprise Portal Platform versions prior to 5.2.2 Description: The issue allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on SOAP responses. This is related to the use of block ciphers in cipher-block...

DEBIAN-CVE-2009-0841

Directory traversal vulnerability in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when running on Windows with Cygwin, allows remote attackers to create arbitrary files via a .. dot dot in the id parameter...

security flaw

The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service stack exhaustion and PHP crash via deeply nested arrays, which trigger deep recursion in the variable destruction routines...