Security Bulletin: Cargo in IBM Open SDK for Rust on AIX uses a vulnerable version of thin-vec (CVE-2026-6654)

Summary The cargo package manager in IBM Open SDK for Rust on AIX 1.90.0.1 and 1.92.0.1 uses the thin-vec-0.2.14 crate, which is vulnerable to a double free error. Vulnerability Details CVEID:CVE-2026-6654 DESCRIPTION: Double-Free / Use-After-Free UAF in the IntoIter::drop and ThinVec::clear...

Top Password SQL Server Password Changer 缓冲区错误漏洞

Top Password SQL Server Password Changer is an SQL password modification tool developed by Top Password. Version 1.90 of Top Password SQL Server Password Changer contains a buffer error vulnerability. This vulnerability stems from buffer overflows in the username and registration code fields, whi...

CVE-2024-41370

Organizr v1.90 was discovered to contain a SQL injection vulnerability via chat/setlike.php...

CVE-2024-7769

The ClickSold IDX WordPress plugin through 1.90 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

PT-2024-29380 · Organizr · Organizr

Name of the Vulnerable Software and Affected Versions: Organizr version 1.90 Description: A SQL injection issue was found in Organizr via the chat/settyping.php endpoint. This allows for potential exploitation. Recommendations: For Organizr version 1.90, consider restricting access to the...

Organizr 安全漏洞

Organizr is a tab management system for causefx individual developers. It is intended to be a one-stop store on the front end of the server. A security vulnerability exists in Organizr v1.90, which stems from a SQL injection vulnerability via chat/setlike.php...

PT-2024-29379 · Organizr · Organizr

Name of the Vulnerable Software and Affected Versions: Organizr version 1.90 Description: The issue is related to Cross Site Scripting XSS via the "api.php" endpoint. This means an attacker could potentially inject malicious scripts into the website, affecting users' sessions. Recommendations: Fo...

HPE IlO Amplifier Pack 路径遍历漏洞

HPE IlO Amplifier Pack is a database management software for use in clustered environments from HPE, USA. The software supports Gen8, Gen9 and Gen10 Hewlett Packard Enterprise with automatic firmware and driver updates, manual or automatic recovery of firmware-corrupted systems, and maximizes...

CVE-2021-24424 WP Reset < 1.90 - Authenticated Stored XSS

The WP Reset – Most Advanced WordPress Reset Tool WordPress plugin before 1.90 did not sanitise or escape its extradata parameter when creating a snapshot via the admin dashboard, leading to an authenticated Stored Cross-Site Scripting issue...

TPEditor Stack Buffer Overflow Vulnerability

Delta Industrial Automation TPEditor is a Windows-based Delta text panel programming software from Delta Electronics. A stack buffer overflow vulnerability exists in Delta Industrial Automation TPEditor version 1.90 and prior versions, which originates when the program fails to validate user inpu...

Corega CG-WLR300NM Buffer Overflow Vulnerability

The Corega CG-WLR300NM is a wireless router from Corega Japan. A buffer overflow vulnerability exists in the Corega CG-WLR300NM using firmware version 1.90 and earlier. An attacker can exploit this vulnerability to execute arbitrary code...

VideoSpirit Pro 1.90 Seh Buffer Overflow Vulnerability

Exploit for windows platform in category local exploits !/usr/bin/ruby Vendor: http://www.verytools.com/ Software link: http://www.verytools.com/videospirit/download.html print ''' VideoSpirit Pro Seh Buffer Overflow Version: Pro 1.90 Date found: 11.11.2013 Exploit Author: metacom Tested on:...