OpenText Content Suite Platform 代码问题漏洞

OpenText Content Suite Platform is a top-of-the-line enterprise content management ECM system from OpenText. It can manage the entire enterprise information lifecycle, from capture to archiving and disposal. A security vulnerability exists in OpenText Content Suite Platform version 22.1, which...

xorg-x11-server: XvdiSelectVideoNotify use-after-free

A vulnerability was found in X.Org. This flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding...

xorg-x11-server: XvdiSelectVideoNotify use-after-free

A vulnerability was found in X.Org. This flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding...

PT-2025-37700

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.0-rc4 Description: The Linux kernel contains a flaw in the VMCI subsystem where a call to get user pages fast in vmci host setup notify can return a NULL value for context-notify page, leading to a general...

CVE-2022-34322

Multiple XSS issues were discovered in Sage Enterprise Intelligence 2021 R1.1 that allow an attacker to execute JavaScript code in the context of users' browsers. The attacker needs to be authenticated to reach the vulnerable features. An issue is present in the Notify Users About Modification me...

OESA-2022-2163 xorg-x11-server security update

Xephyr is an X server which has been implemented as an ordinary X application. It runs in a window just like other X applications,but it is an X server itself in which you can run other software. It is a very useful tool for developers who wish to test their applications without running them on...

Rdiffweb 安全漏洞

Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your archives through an efficient web interface. A security vulnerability exists in Rdiffweb versions prior to 2.5.5, which stems from a failure to trigger a notification for sensiti...

CVE-2021-39426

An issue was discovered in /Upload/admin/adminnotify.php in Seacms 11.4 allows attackers to execute arbitrary php code via the notify1 parameter when the action parameter equals set...

FeehiCMS 跨站脚本漏洞

FeehiCMS is a Php-based CMS website builder by Liufee Personal Developer. A security vulnerability exists in FeehiCMS version 2.1.1, which originated from allowing a remote attacker to run arbitrary code via the callback parameters of /cms/notify...

PT-2022-25161 · Feehicms · Feehicms

Name of the Vulnerable Software and Affected Versions: FeehiCMS version 2.1.1 Description: The issue allows remote attackers to run arbitrary code via the callback parameter to the "/cms/notify" API endpoint. This enables attackers to execute malicious scripts on the victim's browser, potentially...

AZL-44661 CVE-2022-46342 affecting package xorg-x11-server 1.20.10-6

A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X se...

DEBIAN-CVE-2022-46342

A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X se...

UBUNTU-CVE-2022-46342

A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X se...

woodenpallet.net Cross Site Scripting vulnerability OBB-3089102

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

kernel: arch/arm64: Fix topology initialization for core scheduling

In the Linux kernel, the following vulnerability has been resolved: arch/arm64: Fix topology initialization for core scheduling Arm64 systems rely on storecputopology to call updatesiblingsmasks to transfer the toplogy to the various cpu masks. This needs to be done before the call to...

WordPress Cyklodev WP Notify plugin <= 1.2.1 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Hoang Van Hiep aka sk4rl1ghT Patchstack Alliance in the WordPress Cyklodev WP Notify plugin versions = 1.2.1. Solution No patched version is available...

xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr

A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk...

xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr

A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk...

xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr

A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk...

xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr

A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk...