12 matches found
WordPress FluentCommunity plugin <= 2.0.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by daroo in WordPress Plugin FluentCommunity versions = 2.0.0...
CVE-2025-61680
Minecraft RCON Terminal is a VS Code extension that streamlines Minecraft server management. Versions 0.1.0 through 2.0.6 stores passwords using VS Code's configuration API which writes to settings.json in plaintext. This issue is fixed in version 2.1.0...
CVE-2025-61680 Minecraft RCON Terminal: Plain Text Password Storage in Configuration
Minecraft RCON Terminal is a VS Code extension that streamlines Minecraft server management. Versions 0.1.0 through 2.0.6 stores passwords using VS Code's configuration API which writes to settings.json in plaintext. This issue is fixed in version 2.1.0...
CVE-2025-61588 risc0 vulnerable to arbitrary code execution in guest via memory safety failure in `sys_read`
RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture. In versions 2.0.2 and below of risc0-zkvm-platform, when the zkVM guest calls sysread, the host is able to use a crafted response to write to an arbitrary memory location in th...
CVE-2025-59351 Dragonfly possibly panics due to nil pointer dereference when using variables created alongside an error
Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the first return value of a function is dereferenced even when the function returns an error. This can result in a nil dereference, and cause code to panic. This vulnerability is fixed in 2.1.0...
Linux Distros Unpatched Vulnerability : CVE-2020-11088
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlmreadNegotiateMessage. This has been fixed in 2.1.0. CVE-2020-11088 Note that Nessus...
CVE-2022-30322
go-getter up to 1.5.11 and 2.0.2 allowed asymmetric resource exhaustion when go-getter processed malicious HTTP responses. Fixed in 1.6.1 and 2.1.0...
UBUNTU-CVE-2022-30322
go-getter up to 1.5.11 and 2.0.2 allowed asymmetric resource exhaustion when go-getter processed malicious HTTP responses. Fixed in 1.6.1 and 2.1.0...
freerdp: out-of-bounds read in irp functions
In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions parallelprocessirpcreate, serialprocessirpcreate, driveprocessirpwrite, printerprocessirpwrite, rdpeirecvpdu, serialprocessirpwrite. This has been fixed in 2.1.0...
UBUNTU-CVE-2020-11086
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlmreadntlmv2clientchallenge that reads up to 28 bytes out-of-bound to an internal structure. This has been fixed in 2.1.0...
UBUNTU-CVE-2020-11087
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlmreadAuthenticateMessage. This has been fixed in 2.1.0...
PT-2020-12544 · Freerdp +6 · Freerdp +6
Name of the Vulnerable Software and Affected Versions: FreeRDP versions 2.0.0 and earlier Description: The issue is related to an out-of-bound read in the ntlm read AuthenticateMessage function. This has been fixed in version 2.1.0. Recommendations: For FreeRDP versions 2.0.0 and earlier, update ...