18 matches found
EUVD-2026-41863
Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo resource in SUSE Rancher Fleet's bundle reader in 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 forwards Helm authentication credentials BasicAuth to any URL specified in the helm.repo...
EUVD-2017-1609
Malware in sbrugna...
Moss 安全漏洞
Moss is a simple and lightweight content management system open-sourced by deep-project. A security vulnerability exists in Moss versions prior to 0.15, which stems from a misconfiguration of the file upload feature that could result in the upload of arbitrary files...
CVE-2002-20002
The Net::EasyTCP package before 0.15 for Perl always uses Perl's builtin rand, which is not a strong random number generator, for cryptographic keys...
CVE-2024-56830
The CVE-2024-56830 issue affects the Net::EasyTCP Perl module (libnet-easytcp-perl) versions 0.15–0.26. The root cause is fallback to Perl’s insecure rand() when Crypt::Random isn’t available, risking weak randomness. Debian/OSV/NASL references confirm a fix: upgrade to Debian 11 bullseye package...
DEBIAN-CVE-2021-32292
An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program jsonparse which is located in the function parseit...
PT-2022-28275 · Tuf · Tuf
Name of the Vulnerable Software and Affected Versions: TUF versions 0.14.0 through 0.15.x Description: The issue concerns the verify root self signed function, which verifies self-signatures in new root metadata files. This function counted multiple signatures by any new root key towards the new...
CVE-2022-36450
Obsidian 0.14.x and 0.15.x before 0.15.5 allows obsidian://hook-get-address remote code execution because window.open is used without checking the URL...
PYSEC-2020-52
jupyterhub-systemdspawner enables JupyterHub to spawn single-user notebook servers using systemd. In jupyterhub-systemdspawner before version 0.15 user API tokens issued to single-user servers are specified in the environment of systemd units. These tokens are incorrectly accessible to all users...
JDK: Unrestricted access to diagnostic operations
From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks...
JDK: Unrestricted access to diagnostic operations
From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks...
JDK: Unrestricted access to diagnostic operations
From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks...
pdfresurrect 0.15 - Buffer Overflow
pdfresurrect 0.15 - Buffer Overflow Exploit Title: pdfresurrect 0.15 Buffer Overflow Date: 2019-07-26 Exploit Author: j0lama Vendor Homepage: https://github.com/enferex/pdfresurrect Software Link: https://github.com/enferex/pdfresurrect Version: 0.15 Tested on: Ubuntu 18.04 CVE : CVE-2019-14267...
PT-2018-13924
Name of the Vulnerable Software and Affected Versions: Bitcoin Core versions 0.14.x through 0.14.2 Bitcoin Core versions 0.15.x through 0.15.1 Bitcoin Core versions 0.16.x through 0.16.2 Bitcoin Knots versions 0.14.x through 0.16.2 Description: The issue allows a remote denial of service, which c...
Pepperminty-Wiki XXE Attack Vulnerability
Pepperminty-Wiki is an open source hypertext system. The system supports file uploads, history, and dynamic support. A security vulnerability exists in the 'getsvgsize' function in Pepperminty-Wiki version 0.15. A remote attacker can exploit this vulnerability to cause a denial of service and...
Remote code execution
Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution...
CVE-2017-1000497
Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution...
Gentoo Security Advisory GLSA 201208-04 (gajim)
The remote host is missing updates announced in advisory GLSA 201208-04. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...