14 matches found
Astra Linux – Vulnerability in freerdp2
FreeRDP is a free remote desktop protocol library and client. All FreeRDP-based clients that use the /video command-line switch may read uninitialized data, interpret it as audio/video, and display the result. Server implementations based on FreeRDP are not affected by this issue. This issue has...
EUVD-2026-29391
The WP SEO Structured Data Schema plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the kcseoativetab parameter in all versions up to, and including, 2.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-68430 CVAT vulnerable to directory traversal via mounted share listing
CVAT is an open source interactive video and image annotation tool for computer vision. In versions 2.8.1 through 2.52.0, an attacker with an account on a CVAT instance is able to retrieve the contents of any file system directory accessible to the CVAT server. The exposed information is names of...
CVE-2025-13588
A vulnerability was found in lKinderBueno Streamity Xtream IPTV Player up to 2.8. The impacted element is an unknown function of the file public/proxy.php. Performing manipulation results in server-side request forgery. The attack can be initiated remotely. The exploit has been made public and...
EUVD-2025-198624
A vulnerability was found in lKinderBueno Streamity Xtream IPTV Player up to 2.8. The impacted element is an unknown function of the file public/proxy.php. Performing manipulation results in server-side request forgery. The attack can be initiated remotely. The exploit has been made public and...
EUVD-2022-41785
Malicious code in bioql PyPI...
CVE-2023-22327
Out-of-bounds write in firmware for some IntelR FPGA products before version 2.8.1 may allow a privileged user to potentially enable information disclosure via local access...
CVE-2023-34009
Missing Authorization vulnerability in Inisev Social Media & Share Icons ultimate-social-media-icons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Media & Share Icons: from n/a through = 2.8.1...
Jenkins Plugin TestComplete support 代码问题漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
CVE-2022-39282 RDP client: Read of uninitialized memory with parallel port redirection
FreeRDP is a free remote desktop protocol library and clients. FreeRDP based clients on unix systems using /parallel command line switch might read uninitialized data and send it to the server the client is currently connected to. FreeRDP based server implementations are not affected. Please...
Timing Attack
Overview Affected versions of this package are vulnerable to Timing Attack. Some components in Apache Kafka use Arrays.equals to validate a password or key, which is vulnerable to brute force attacks by malicious users. Remediation Upgrade org.apache.kafka:connect-runtime to version 2.8.1, 2.7.2 ...
Micro Focus ArcSight Management Center Cross-Site Scripting Vulnerability
Micro Focus ArcSight Management Center ArcMC is a security management center from Micro Focus UK that centrally manages ArcSight e.g. HP ArcSight Logger, etc. deployments through a unified interface. A cross-site scripting vulnerability exists in Micro Focus ArcMC versions prior to 2.81, which ca...
PT-2018-16203 · Egg · Egg-Scripts
Name of the Vulnerable Software and Affected Versions: egg-scripts versions prior to 2.8.1 Description: A command injection issue allows arbitrary shell command execution through a maliciously crafted command line argument. This is only exploitable if a malicious argument is provided on the comma...
DEBIAN-CVE-2018-6535
An issue was discovered in Icinga 2.x through 2.8.1. The lack of a constant-time password comparison function can disclose the password to an attacker...