5111 matches found
A vulnerability in the read_hexstring() function of the tcprewrite editor for editing and replaying PCAP files allows an attacker to cause a service failure.
The vulnerability in the read_hexstring function of the tcprewrite tool for editing and replaying PCAP files involves pointer manipulation. Exploiting this vulnerability could allow an attacker to cause service interruptions remotely...
A vulnerability in the parse_list() function of the tcpprep editor for processing PCAP files, as well as of the Tcpreplay tool for editing and replaying PCAP files, allows an attacker to cause a service failure.
The vulnerability in the parse_list function of the tcpprep utility for editing and replaying PCAP files lies in pointer manipulation. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...
CTFd Security Vulnerability
CTFd is a Capture The Flag framework open-sourced by CTFd. A security vulnerability exists in CTFd version 3.7.5 that stems from a failure to properly validate or clean the Host header, which could lead to a phishing attack, password reset, or cache poisoning...
PT-2025-1875
Name of the Vulnerable Software and Affected Versions: HP (affected versions not specified) Description: With access to the address book, an attacker could modify SMB/FTP settings, redirect scans, and possibly capture credentials. This requires enabled scan functions and printer access. Recommendatio...
PT-2025-1874
Name of the Vulnerable Software and Affected Versions: Xerox VersaLink Printers (affected versions not specified); Xerox VersaLink C7025 MFPs (affected versions not specified) Description: The issue allows authentication to be redirected to another server when accessing LDAP settings, potentially exposi...
January 28, 2025—KB5050081 (OS Build 19045.5440) Preview
January 28, 2025—KB5050081 OS Build 19045.5440 Preview 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 22H2, see its update history page. Note Follow...
CVE-2024-54539
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to capture keyboard events from the lock screen...
Apple iOS and iPadOS Security Vulnerability
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in Apple iOS version 18.3 and iPadOS version 18.3, which stems from an...
Apple iOS and Apple iPadOS Security Vulnerability
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 18.3 and Apple iPadOS version 18.3, which originates from a malicious...
CVE-2025-23929
Missing Authorization vulnerability in wishfulthemes Email Capture & Lead Generation (email-capture-lead-generation) allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Email Capture & Lead Generation: from n/a through <= 1.0.2...
CVE-2025-23929 WordPress Email Capture & Lead Generation Plugin <= 1.0.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in wishfulthemes Email Capture & Lead Generation (email-capture-lead-generation) allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Email Capture & Lead Generation: from n/a through <= 1.0.2...
WordPress Email Capture & Lead Generation Plugin <= 1.0.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Abdi Pranata in WordPress Plugin Email Capture & Lead Generation versions <= 1.0.2...
PT-2025-5208 · Wishfulthemes · Wishfulthemes Email Capture & Lead Generation
Name of the Vulnerable Software and Affected Versions: wishfulthemes Email Capture & Lead Generation versions 1.0.2 and earlier Description: The issue is related to a missing authorization vulnerability in wishfulthemes Email Capture & Lead Generation, which allows exploiting incorrectly configur...
Interpretation Conflict
Overview Affected versions of this package are vulnerable to Interpretation Conflict due to improper handling of newline characters in remote URLs. An attacker can capture credentials for another Git remote by crafting a malicious URL that manipulates newline interpretations between Git and the G...
CVE-2024-50338
Git Credential Manager (GCM) is a secure Git credential helper built on .NET that runs on Windows, macOS, and Linux. The Git credential protocol is text-based over standard input/output, and consists of a series of lines of key-value pairs in the format `key=value`. Git's documentation restricts the...
CVE-2024-50338 Carriage-return character in remote URL allows malicious repository to leak credentials in Git Credential Manager
Git Credential Manager (GCM) is a secure Git credential helper built on .NET that runs on Windows, macOS, and Linux. The Git credential protocol is text-based over standard input/output, and consists of a series of lines of key-value pairs in the format `key=value`. Git's documentation restricts the...
PT-2025-2920
Name of the Vulnerable Software and Affected Versions: Git versions prior to v2.48.1; Git versions prior to v2.47.2; Git versions prior to v2.46.3; Git versions prior to v2.45.3; Git versions prior to v2.44.3; Git versions prior to v2.43.6; Git versions prior to v2.42.4; Git versions prior to v2.41.3; Git...
PT-2025-1920 · WordPress · The Coupon X: Discount Pop Up
Name of the Vulnerable Software and Affected Versions: The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin for WordPress versions up to, and including, 1.3.5 Description: The issue is related to PHP Object Injection via deserialization of untrusted...
PT-2025-4828 · Redcap · Redcap
Name of the Vulnerable Software and Affected Versions: REDCap version 14.9.6 Description: A stored cross-site scripting (XSS) issue allows authenticated users to inject malicious scripts into the Survey field name of Survey. When a user receives the survey and clicks on the field name, it triggers...
CTFd Security Vulnerability
CTFd is a Capture The Flag framework open-sourced by CTFd. A security vulnerability exists in CTFd version 3.7.3, which stems from a vulnerability that allows an attacker to trigger a Regular Expression Denial of Service (ReDoS) by supplying a crafted string as an email address during registration...