18 matches found
iTerm2 安全漏洞
iTerm2 is a terminal emulator developed by George Nachman for Mac OS X. Versions of iTerm2 prior to 3.6.9 contained security vulnerabilities. These vulnerabilities stemmed from the possibility of executing code through DCS 2000p and OSC 135 data when displaying .txt files. This was because iTerm2...
CVE-2026-35474
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, open redirect has been found in WeGIA webapp. The redirect parameter is taken directly from $GET with no URL validation or whitelist check, then used verbatim in a header"Location: ..." call. This vulnerability is fixed in 3.6.9...
CVE-2026-35475
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, the redirect parameter is taken directly from $GET with no URL validation or whitelist check, then used verbatim in a header"Location: ..." call. This vulnerability is fixed in 3.6.9...
CVE-2026-35475
WeGIA (Web manager for charitable institutions) suffers an open redirect vulnerability prior to version 3.6.9. The redirect parameter is read directly from $_GET with no URL validation or whitelist, and is then used verbatim in a Location header, enabling potential redirection abuse. This is miti...
CVE-2026-35474
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, open redirect has been found in WeGIA webapp. The redirect parameter is taken directly from $GET with no URL validation or whitelist check, then used verbatim in a header"Location: ..." call. This vulnerability is fixed in 3.6.9...
CVE-2026-35472
WeGIA (Web manager for charitable institutions) has an Open Redirect in the /WeGIA/controle/control.php endpoint, exploitable via the nextPage parameter when used with metodo=listarTodos and nomeClasse=EstoqueControle. The application does not validate/restrict nextPage, enabling redirects to arb...
WeGIA 输入验证错误漏洞
WeGIA is a network manager for the welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.6.9 contained a vulnerability related to input validation errors. This vulnerability stemmed from the lack of validation on the /WeGIA/controle/control.php endpoint, which did not...
WeGIA 输入验证错误漏洞
WeGIA is a network manager for a welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.6.9 contained a vulnerability related to input validation errors. This vulnerability stemmed from the lack of validation or restrictions on the nextPage parameter, which could lead to...
PT-2026-30734
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarId and nomeClasse=IsaidaControle. The...
CVE-2025-15466
CVE-2025-15466 refers to the WordPress plugin Image Photo Gallery Final Tiles Grid (Lite) with a vulnerability caused by missing capability checks on multiple AJAX actions, affecting all versions up to and including 3.6.9. The issue enables authenticated attackers with Contributor-level access or...
OFFIS DCMTK 代码问题漏洞
OFFIS DCMTK is a collection of libraries and applications that implement most of the DICOM standards from OFFIS Germany. Software for inspecting, building and converting DICOM image files, processing offline media, sending and receiving images over a network connection, and demonstrating image...
DEBIAN-CVE-2025-14607
A vulnerability was detected in OFFIS DCMTK up to 3.6.9. Affected by this issue is the function DcmByteString::makeDicomByteString of the file dcmdata/libsrc/dcbytstr.cc of the component dcmdata. The manipulation results in memory corruption. The attack can be launched remotely. Upgrading to...
DCMTK 安全漏洞
DCMTK is a collection of libraries and applications that implement most of the DICOM standards from the DCMTK open source. Software for inspecting, building and converting DICOM image files, processing offline media, sending and receiving images over a network connection, and demonstrating image...
DCMTK 安全漏洞
DCMTK is a collection of libraries and applications that implement most of the DICOM standards from the DCMTK open source. Software for inspecting, building and converting DICOM image files, processing offline media, sending and receiving images over a network connection, and demonstrating image...
Astra Linux – Vulnerability in dcmtk
In DCMTK, versions prior to 3.6.9 have a segmentation fault due to an invalid DIMSE message...
BELL-CVE-2024-36935
Bulletin has no description...
WordPress Plugin SMS Alert Order Notifications Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
PT-2022-8587
Name of the Vulnerable Software and Affected Versions Moodle versions prior to 3.8.2 Moodle versions prior to 3.7.5 Moodle versions prior to 3.6.9 Moodle versions prior to 3.5.11 Description The issue allows users to view the grade history report without proper restrictions. Specifically, users...