3601 matches found
USN-7533-1: CRaC JDK 17 vulnerabilities
Alicja Kario discovered that the JSSE component of CRaC JDK 17 incorrectly handled RSA padding. An attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of CRaC JDK 17 incorrectly handled compiler transformations. An...
USN-7531-1: CRaC JDK 21 vulnerabilities
Alicja Kario discovered that the JSSE component of CRaC JDK 21 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of CRaC JDK 21 incorrectly handled compiler transformations. An...
USN-7531-1 openjdk-21-crac vulnerabilities
Alicja Kario discovered that the JSSE component of CRaC JDK 21 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of CRaC JDK 21 incorrectly handled compiler transformations. An...
PT-2025-29000
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 Description: The Linux kernel contains a flaw within the bpf subsystem. Specifically, the issue arises when creating a bpf program and the fp-jit requested variable depends on bpf...
Ubuntu 24.10 / 25.04 : CRaC JDK 21 vulnerabilities (USN-7531-1)
The remote Ubuntu 24.10 / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7531-1 advisory. Alicja Kario discovered that the JSSE component of CRaC JDK 21 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain...
CVE-2025-46493
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wordwebsoftware Crossword Compiler Puzzles crossword-compiler-puzzles allows Stored XSS.This issue affects Crossword Compiler Puzzles: from n/a through = 14.5...
CVE-2025-46490
Unrestricted Upload of File with Dangerous Type vulnerability in wordwebsoftware Crossword Compiler Puzzles crossword-compiler-puzzles allows Upload a Web Shell to a Web Server.This issue affects Crossword Compiler Puzzles: from n/a through = 5.2...
CVE-2025-46490
Unrestricted Upload of File with Dangerous Type vulnerability in wordwebsoftware Crossword Compiler Puzzles crossword-compiler-puzzles allows Upload a Web Shell to a Web Server.This issue affects Crossword Compiler Puzzles: from n/a through = 5.2...
CVE-2025-46493
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wordwebsoftware Crossword Compiler Puzzles crossword-compiler-puzzles allows Stored XSS.This issue affects Crossword Compiler Puzzles: from n/a through = 14.5...
CVE-2025-46493 WordPress Crossword Compiler Puzzles plugin <= 14.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wordwebsoftware Crossword Compiler Puzzles crossword-compiler-puzzles allows Stored XSS.This issue affects Crossword Compiler Puzzles: from n/a through = 14.5...
CVE-2025-46493 WordPress Crossword Compiler Puzzles <= 5.3 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wordwebsoftware Crossword Compiler Puzzles allows Stored XSS. This issue affects Crossword Compiler Puzzles: from n/a through 5.3...
CVE-2025-46490 WordPress Crossword Compiler Puzzles plugin <= 5.2 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in wordwebsoftware Crossword Compiler Puzzles crossword-compiler-puzzles allows Upload a Web Shell to a Web Server.This issue affects Crossword Compiler Puzzles: from n/a through = 5.2...
CVE-2025-46493
CVE-2025-46493 affects WordPress plugin Crossword Compiler Puzzles (versions up to and including 5.3). The issue is a Stored XSS caused by improper neutralization of input during web page generation, leading to cross-site scripting when handling user-supplied content in Crossword Compiler Puzzles...
CVE-2025-46490 WordPress Crossword Compiler Puzzles plugin <= 5.2 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in wordwebsoftware Crossword Compiler Puzzles crossword-compiler-puzzles allows Upload a Web Shell to a Web Server.This issue affects Crossword Compiler Puzzles: from n/a through = 5.2...
CVE-2025-46490
CVE-2025-46490 affects Crossword Compiler Puzzles (WordPress plugin)
CVE-2024-21857
Uncontrolled search path for some IntelR oneAPI Compiler software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2024-28458
Null Pointer Dereference vulnerability in swfdump in swftools 0.9.2 allows attackers to crash the appliation via the function compileSWFActionCode in action/actioncompiler.c...
CVE-2024-5600
The SCSS Happy Compiler – Compile SCSS to CSS & Automatic Enqueue plugin for WordPress is vulnerable to Stored Cross-Site Scripting due to a missing capability check and insufficient sanitization on the importsettings function in all versions up to, and including, 1.3.10. This makes it possible f...
CVE-2024-45056
zksolc is a Solidity compiler for ZKsync. All LLVM versions since 2015 fold xor shl 1, x, -1 to rotl 1, x if run with optimizations enabled. Here 1 is generated as an unsigned 64 bits number 2^64-1. This number is zero-extended to 256 bits on EraVM target while it should have been sign-extended...
CVE-2024-42476
In the OAuth library for nim prior to version 0.11, the Authorization Code grant and Implicit grant both rely on the state parameter to prevent cross-site request forgery CSRF attacks where a resource owner might have their session associated with protected resources belonging to an attacker. Whe...