6481 matches found
CVE-2025-34124
A buffer overflow vulnerability exists in Heroes of Might and Magic III Complete 4.0.0.0, HD Mod 3.808 build 9, and Demo 1.0.0.0 via malicious .h3m map files that exploit object sprite name parsing logic. The vulnerability occurs during in-game map loading when a crafted object name causes a buff...
CVE-2025-53840
Icinga DB Web provides a graphical interface for Icinga monitoring. Starting in version 1.2.0 and prior to version 1.2.2, users with access to Icinga Dependency Views, are allowed to see hosts and services that they weren't meant to on the dependency map. However, the name of an object will not b...
CVE-2025-7660
The CVE-2025-7660 entry concerns the WordPress Map My Locations plugin. Affected versions up to 1.1 are vulnerable to Stored Cross-Site Scripting via the map_my_locations shortcode due to insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires authen...
CVE-2025-7660 Map My Locations <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Map My Locations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mapmylocations' shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress Map My Locations plugin <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by muhammad yudha in WordPress Plugin Map My Locations versions = 1.1...
PT-2025-29993 · WordPress · Map My Locations
Name of the Vulnerable Software and Affected Versions: Map My Locations plugin for WordPress versions prior to 1.2 Description: The plugin is susceptible to Stored Cross-Site Scripting through the map my locations shortcode due to inadequate input sanitization and output escaping of user-supplied...
WordPress plugin Map My Locations 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...
CVE-2025-34124
A buffer overflow vulnerability exists in Heroes of Might and Magic III Complete 4.0.0.0, HD Mod 3.808 build 9, and Demo 1.0.0.0 via malicious .h3m map files that exploit object sprite name parsing logic. The vulnerability occurs during in-game map loading when a crafted object name causes a buff...
CVE-2025-34124 Heroes of Might and Magic III .h3m Map File Buffer Overflow
A buffer overflow vulnerability exists in Heroes of Might and Magic III Complete 4.0.0.0, HD Mod 3.808 build 9, and Demo 1.0.0.0 via malicious .h3m map files that exploit object sprite name parsing logic. The vulnerability occurs during in-game map loading when a crafted object name causes a buff...
CVE-2025-34124 Heroes of Might and Magic III .h3m Map File Buffer Overflow
A buffer overflow vulnerability exists in Heroes of Might and Magic III Complete 4.0.0.0, HD Mod 3.808 build 9, and Demo 1.0.0.0 via malicious .h3m map files that exploit object sprite name parsing logic. The vulnerability occurs during in-game map loading when a crafted object name causes a buff...
CVE-2025-34124
CVE-2025-34124 affects Heroes of Might and Magic III Complete 4.0.0.0, HD Mod 3.808 build 9, and Demo 1.0.0.0. Description: a buffer overflow during in-game map loading is triggered by crafted .h3m map files through object sprite name parsing, potentially enabling arbitrary code execution. Exploi...
PT-2025-29886 · Unknown · Heroes Of Might/Magic Iii Complete +2
Name of the Vulnerable Software and Affected Versions: Heroes of Might and Magic III Complete versions 4.0.0.0 Heroes of Might and Magic III HD Mod versions 3.808 build 9 Heroes of Might and Magic III Demo version 1.0.0.0 Description: A buffer overflow vulnerability exists due to malicious .h3m m...
WordPress plugin Avada Builder 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...
CVE-2024-38327
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 is vulnerable to information exposure and further attacks due to an exposed JavaScript source map which could assist an attacker to read and debug JavaScript used in the application's API...
jfs: Fix uninit-value access of imap allocated in the diMount() function
...
SUSE CVE-2025-38333
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to bail out in getnewsegment ------------ cut here ------------ WARNING: CPU: 3 PID: 579 at fs/f2fs/segment.c:2832 newcurseg+0x5e8/0x6dc pc : newcurseg+0x5e8/0x6dc Call trace: newcurseg+0x5e8/0x6dc...
SUSE CVE-2025-38341
In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: avoid double free when failing to DMA-map FW msg The semantics are that caller of fbnicmbxmapmsg retains the ownership of the message on error. All existing callers dutifully free the page...
CVE-2024-38327
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 is vulnerable to information exposure and further attacks due to an exposed JavaScript source map which could assist an attacker to read and debug JavaScript used in the application's API...
CVE-2024-38327
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 is vulnerable to information exposure and further attacks due to an exposed JavaScript source map which could assist an attacker to read and debug JavaScript used in the application's API...
CVE-2024-38327 IBM Analytics Content Hub information disclosure
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 is vulnerable to information exposure and further attacks due to an exposed JavaScript source map which could assist an attacker to read and debug JavaScript used in the application's API...