6720 matches found
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the hardware random number generator logging out without checking that the AMD RNG is OK, which could lead t...
PT-2025-53071
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.2.8 1 Description The Linux kernel contained an issue within the TPM Trusted Platform Module subsystem. A crash could occur due to a missing invariant check during the unregistration of the hardware random numb...
CVE-2025-26379
Use of a weak pseudo-random number generator, which may allow an attacker to read or inject encrypted PowerG packets...
CVE-2025-26379 Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG use of Cryptographically Weak Pseudo-Random Number Generator
Use of a weak pseudo-random number generator, which may allow an attacker to read or inject encrypted PowerG packets...
CVE-2023-53920
PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the podcast title field accessible through the podcast details interface podcastdetails.php. Malicious JavaScript payloads injected into the podcast title execute when users visit the application's home page...
CVE-2023-53918
PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the episode title field accessible through the episodes upload interface episodesupload.php. Malicious JavaScript payloads injected into episode titles execute when administrators view the episodes list page...
CVE-2023-53920 PodcastGenerator Stored Cross-Site Scripting via Podcast Title Field
PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the podcast title field accessible through the podcast details interface podcastdetails.php. Malicious JavaScript payloads injected into the podcast title execute when users visit the application's home page...
CVE-2023-53919 PodcastGenerator Stored Cross-Site Scripting via Freebox Content Field
PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the Freebox content field accessible through the theme customization interface themefreebox.php. Malicious JavaScript payloads injected into the Freebox content execute when users visit the application's home page...
CVE-2023-53918 PodcastGenerator Stored Cross-Site Scripting via Episode Title Field
PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the episode title field accessible through the episodes upload interface episodesupload.php. Malicious JavaScript payloads injected into episode titles execute when administrators view the episodes list page...
CVE-2023-53899
PodcastGenerator 3.2.9 contains a blind server-side request forgery vulnerability that allows attackers to inject XML in the episode upload form. Attackers can manipulate the 'shortdesc' parameter to trigger external HTTP requests to arbitrary endpoints during podcast episode creation...
Podcast Generator cross-site scripting vulnerability
Podcast Generator is an open source set of free podcast publishing scripts written in PHP by PodcastGenerator. A cross-site scripting vulnerability exists in Podcast Generator version 3.2.9, which stems from improper Freebox content field cleanup and could lead to a stored cross-site scripting...
Podcast Generator cross-site scripting vulnerability
Podcast Generator is an open source set of free podcast publishing scripts written in PHP by PodcastGenerator. A cross-site scripting vulnerability exists in Podcast Generator version 3.2.9, which stems from improper cleaning of the podcast title field and could lead to a stored cross-site...
Podcast Generator cross-site scripting vulnerability
Podcast Generator is an open source set of free podcast publishing scripts written in PHP by PodcastGenerator. A cross-site scripting vulnerability exists in Podcast Generator version 3.2.9, which stems from improper cleaning of the episode title field and could lead to a stored cross-site...
CVE-2023-53899 PodcastGenerator 3.2.9 Blind Server-Side Request Forgery via XML Injection
PodcastGenerator 3.2.9 contains a blind server-side request forgery vulnerability that allows attackers to inject XML in the episode upload form. Attackers can manipulate the 'shortdesc' parameter to trigger external HTTP requests to arbitrary endpoints during podcast episode creation...
CVE-2025-64632
The CVE-2025-64632 entry concerns the WordPress Google XML Sitemaps plugin with versions up to and including 4.1.21. The root cause is a missing authorization / broken access control, allowing exploitation due to incorrectly configured access levels. Public sources in the connected documents conf...