Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fixed the use of memory after it is freed in lineinfochangednotify. The use-after-free issue occurs as follows: when the GPIO chip device file is closed by invoking gpiochrdevrelease, the data structure watchedLine...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: ethtool: netlink: Allow NULL nlattrs when getting a phydevice The ethnlreqgetPhyDev function is used to look up a phyDevice, in cases where an ethtool netlink command targets a specific phyDevice within a netDevice’s topolog...

CVE-2025-5228

A vulnerability was found in D-Link DI-8100 up to 20250523. It has been classified as critical. Affected is the function httpdgetparm of the file /login.cgi of the component jhttpd. The manipulation of the argument notify leads to stack-based buffer overflow. The attack can only be initiated with...

D-Link DI-8100 安全漏洞

The D-Link DI-8100 is a wireless broadband router designed for small to medium-sized network environments from China's D-Link. The D-Link DI-8100 suffers from a buffer overflow vulnerability that originates from the parameter notify in the file /login.cgi that fails to correctly validate the leng...

CVE-2024-32455

Missing Authorization vulnerability in Very Good Plugins Fatal Error Notify.This issue affects Fatal Error Notify: from n/a through 1.5.2...

CVE-2024-23734

Cross Site Request Forgery vulnerability in in the upload functionality of the User Profile pages in savignano S/Notify before 2.0.1 for Bitbucket allow attackers to replace S/MIME certificate or PGP keys for arbitrary users via crafted link...

CVE-2024-23735

Cross Site Scripting XSS vulnerability in in the S/MIME certificate upload functionality of the User Profile pages in savignano S/Notify before 4.0.0 for Confluence allows attackers to manipulate user data via specially crafted certificate...

CVE-2024-30565

An issue was discovered in SeaCMS version 12.9, allows remote attackers to execute arbitrary code via admin notify.php...

CVE-2024-23737

Cross Site Request Forgery CSRF vulnerability in savignano S/Notify before 4.0.2 for Jira allows attackers to allows attackers to manipulate a user's S/MIME certificate of PGP key via malicious link or email...

CVE-2024-23736

Cross Site Request Forgery CSRF vulnerability in savignano S/Notify before 4.0.2 for Confluence allows attackers to manipulate a user's S/MIME certificate of PGP key via malicious link or email...

CVE-2024-52757

D-LINK DI-8003 v16.07.16A1 was discovered to contain a buffer overflow via the notify parameter in the arpsysasp function...

CVE-2023-0908

A vulnerability, which was classified as problematic, was found in Xoslab Easy File Locker 2.2.0.184. This affects the function MessageNotifyCallback in the library xlkfs.sys. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been...

CVE-2023-41690

Missing Authorization vulnerability in Wiser Notify WiserNotify Social Proof allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WiserNotify Social Proof: from n/a through 2.5...

CVE-2023-30497

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Simon Chuang WP LINE Notify plugin = 1.4.4 versions...

CVE-2023-50930

An issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a...

CVE-2023-3958

The WP Remote Users Sync plugin for WordPress is vulnerable to Server Side Request Forgery via the 'notifypingremote' AJAX function in versions up to, and including, 1.2.12. This can allow authenticated attackers with subscriber-level permissions or above to make web requests to arbitrary locatio...

[SECURITY] Fedora 41 Update: python-watchfiles-1.0.3-4.fc41

Simple, modern and high performance file watching and code reload in python. Underlying file system notifications are handled by the Notify rust library...

[SECURITY] Fedora 42 Update: python-watchfiles-1.0.4-5.fc42

Simple, modern and high performance file watching and code reload in python. Underlying file system notifications are handled by the Notify rust library...

CVE-2022-44625

Auth. admin+ Stored Cross-Site Scripting' vulnerability in Zephilou Cyklodev WP Notify plugin = 1.2.1 versions...

CVE-2020-2116

A cross-site request forgery vulnerability in Jenkins Pipeline GitHub Notify Step Plugin 1.0.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...