CVE-2024-50394
An improper certificate validation vulnerability has been reported to affect Helpdesk. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. We have already fixed the vulnerability in the following version: Helpdesk 3.3.3 and later...
CVE-2025-2089
A vulnerability has been found in StarSea99 starsea-mall 1.0/2.X and classified as critical. Affected by this vulnerability is the function updateUserInfo of the file /personal/updateInfo of the component com.siro.mall.controller.mall.UserController. The manipulation of the argument userId leads ...
ROS-20250307-10
A vulnerability in nginx software is related to TLS session resumption when processing client certificate authentication. Exploitation of the vulnerability could allow a remote attacker to bypass the authentication process...
PT-2025-10034 · Unknown · Projectworlds Life Insurance Management System
Name of the Vulnerable Software and Affected Versions: projectworlds Life Insurance Management System version 1.0 Description: A critical vulnerability has been found in the projectworlds Life Insurance Management System. The issue is related to an unknown function of the file /clientStatus.php,...
CVE-2025-2041
CVE-2025-2041 affects the web app “s-a-zhd Ecommerce-Website-using-PHP 1.0.” The vulnerability is a SQL injection in the file /shop.php triggered by manipulating the parameter p_cat. It is described as remotely exploitable and the exploit has been disclosed publicly. Connected sources (NVD, Red ...
Linux Distros Unpatched Vulnerability : CVE-2024-8184
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote which can be exploited by unauthorized users to cause remote denial-of-service DoS...
Important: libtirpc
Issue Overview: In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections. CVE-2021-46828 Affected Packages:...
Linux Distros Unpatched Vulnerability : CVE-2024-6779
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds memory access in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML...
The vulnerability of the ArcGIS Server server, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of ArcGIS Server is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
Linux Distros Unpatched Vulnerability : CVE-2025-0434
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...
Linux Distros Unpatched Vulnerability : CVE-2022-40899
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicio...
Linux Distros Unpatched Vulnerability : CVE-2015-4047
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted...
Linux Distros Unpatched Vulnerability : CVE-2014-9709
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of...
Linux Distros Unpatched Vulnerability : CVE-2016-1683
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote attackers to cause a denial of...
Linux Distros Unpatched Vulnerability : CVE-2016-3718
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via...
Linux Distros Unpatched Vulnerability : CVE-2014-8485
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute...
Linux Distros Unpatched Vulnerability : CVE-2012-3417
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota (aka quota) before 3.17 invokes the hosts_ctl function the first time without a host name, which...
Linux Distros Unpatched Vulnerability : CVE-2016-2182
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denia...
Linux Distros Unpatched Vulnerability : CVE-2015-5722
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service assertion failure and daemon...