17 matches found
CVE-2026-47210
A flaw was found in vm2, an open-source virtual machine VM sandbox for Node.js. This sandbox escape vulnerability allows an attacker to execute arbitrary code in the host process. This occurs when untrusted code is executed with asynchronous async support on runtimes that expose WebAssembly...
@hulumi/policies bypasses policy packs with a forged Pulumi-URN logical name
Affected: @hulumi/policies 1.4.0 — Fixed in: 1.4.0 — Severity: High — CWE-693 Protection Mechanism Failure Summary Pulumi gives every cloud resource a structured URN that includes the resource's type chain hulumi:baseline:aws:SecureBucket$aws:s3/bucketV2:BucketV2 and the logical name the develope...
PT-2026-48475
Affected: @hulumi/policies 1.4.0 — Fixed in: 1.4.0 — Severity: High — CWE-693 Protection Mechanism Failure Summary Pulumi gives every cloud resource a structured URN that includes the resource's type chain hulumi:baseline:aws:SecureBucket$aws:s3/bucketV2:BucketV2 and the logical name the develope...
CVE-2026-8327
Concrete CMS below 9.5.0 and below is vulnerable to password change without reauthorization and session-hardening bypass. The user-profile edit controller passes the entire raw POST array to UserInfo::update without field whitelisting resulting in password change without requiring the current...
CVE-2026-8327 Concrete CMS below 9.5.0 and below is vulnerable to password change without reauthorization and session-hardening bypass.
Concrete CMS below 9.5.0 and below is vulnerable to password change without reauthorization and session-hardening bypass. The user-profile edit controller passes the entire raw POST array to UserInfo::update without field whitelisting resulting in password change without requiring the current...
CVE-2026-8327 Concrete CMS below 9.5.0 and below is vulnerable to password change without reauthorization and session-hardening bypass.
Concrete CMS below 9.5.0 and below is vulnerable to password change without reauthorization and session-hardening bypass. The user-profile edit controller passes the entire raw POST array to UserInfo::update without field whitelisting resulting in password change without requiring the current...
CVE-2026-23417
A flaw was found in the Linux kernel's Berkeley Packet Filter BPF component. This vulnerability occurs because the BPFST | BPFPROBEMEM32 immediate stores are not correctly handled by the constant blinding mechanism. As a result, user-controlled 32-bit immediate values can remain unblinded in...
CVE-2026-31857
Craft is a content management system CMS. Prior to 5.9.9 and 4.17.4, a Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system. The BaseElementSelectConditionRule::getElementIds method passes user-controlled string input through renderObjectTemplate -- an unsandboxed Twig...
GHSA-FP5J-J7J4-MCXC CraftCMS has an RCE vulnerability via relational conditionals in the control panel
A Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system. The BaseElementSelectConditionRule::getElementIds method passes user-controlled string input through renderObjectTemplate -- an unsandboxed Twig rendering function with escaping disabled. Any authenticated Control...
CVE-2025-32312
CVE-2025-32312 affects Android’s PackageParser.java, specifically the function createIntentsList. Root cause: unsafe deserialization that bypasses lazy bundle hardening, allowing modified data to flow to the next process. Impact: local privilege escalation with no additional privileges required; ...
CVE-2022-0440
The Catch Themes Demo Import WordPress plugin before 2.1.1 does not validate one of the file to be imported, which could allow high privivilege admin to upload an arbitrary PHP file and gain RCE even in the case of an hardened blog ie DISALLOWUNFILTEREDHTML, DISALLOWFILEEDIT and DISALLOWFILEMODS...
[SECURITY] [DLA 2884-1] wordpress security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2884-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta January 17, 2022 https://wiki.debian.org/LTS -...
Debian: Security Advisory (DSA-5039-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2022-21663
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. On a multisite, users with Super Admin role can bypass explicit/additional hardening under certain conditions through object injection. This has been patched in WordPress version 5.8.3...
Google Chrome SimplfiedLowering Integer Overflow Exploit
This Metasploit module exploits an issue in Google Chrome versions before 87.0.4280.88 64 bit. The exploit makes use of an integer overflow in the SimplifiedLowering phase in turbofan. It is used along with a typer hardening bypass using ArrayPrototypeShift to create a JSArray with a length of -1...
WordPress <= 5.2.3: Hardening Bypass
WordPress Hardening Mechanisms WordPress per default allows users with the administrator role to install plugins and even edit the .php files of plugins from within the admin dashboard. Although this allows for the easy modification of plugins and themes, it also allows malicious administrators t...
flash-plugin: information leaks and hardening bypass fixed in APSB15-23
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to cause a denial of service vector-length corruption ...