13 matches found
CVE-2025-64745 Astro development server error page vulnerable to reflected Cross-site Scripting
Astro is a web framework. Starting in version 5.2.0 and prior to version 5.15.6, a Reflected Cross-Site Scripting XSS vulnerability exists in Astro's development server error pages when the trailingSlash configuration option is used. An attacker can inject arbitrary JavaScript code that executes ...
CVE-2023-39212
Untrusted search path in Zoom Rooms for Windows before version 5.15.5 may allow an authenticated user to enable a denial of service via local access...
Zoom Rooms Code Issue Vulnerability
Zoom Rooms is a software-based conferencing system from Zoom USA. A system that allows web conferencing on fixed endpoints, similar to traditional video conferencing systems. A security vulnerability previously existed in Zoom Rooms for Windows version 5.15.5, which stemmed from an untrusted sear...
Zoom Client Input Validation Error Vulnerability
Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A security vulnerability previously existed in Zoom Desktop Client for Windows version 5.15.5, which stemmed from an improper input validation issue...
GSD-2021-1002343 staging: rtl8723bs: remove a third possible deadlock
staging: rtl8723bs: remove a third possible deadlock This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.5 by commit...
GSD-2021-1002331 ALSA: usb-audio: fix null pointer dereference on pointer cs_desc
ALSA: usb-audio: fix null pointer dereference on pointer csdesc This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.5 by commit...
GSD-2021-1002323 iavf: don't clear a lock we don't hold
iavf: don't clear a lock we don't hold This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.5 by commit c3db4fffb364ac7bf602de115afe69c32a46383...
UVI-2021-1002317 scsi: ufs: core: Improve SCSI abort handling
scsi: ufs: core: Improve SCSI abort handling This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.5 by commit...
GSD-2021-1002314 i40e: Fix NULL ptr dereference on VSI filter sync
i40e: Fix NULL ptr dereference on VSI filter sync This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.5 by commit...
GSD-2021-1002306 cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
cfg80211: call cfg80211stopap when switch from P2PGO type This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.5 by commit...
MGASA-2021-0406 Updated qtwebengine5 packages fix security vulnerabilities
Updated qtwebengine5 packages fix security vulnerabilities: The qtwebengine5 package has been updated to version 5.15.5, fixing several security issues in the bundled chromium code...
PT-2019-7207 · Apache +2 · Apache Activemq +2
Name of the Vulnerable Software and Affected Versions: Apache ActiveMQ client versions prior to 5.15.5 Description: A remote shutdown command in the ActiveMQConnection class was exposed, allowing an attacker logged into a compromised broker to achieve denial of service on a connected client...
Cross-Site Scripting Flaw in Apache ActiveMQ Threatens Web Visitors
Researchers have found a cross-site scripting XSS flaw in Apache ActiveMQ that could enable a remote attacker with no privileges to launch an array of attacks against visitors to compromised websites. The vulnerability CVE-2018-8006 was disclosed today and impacts ActiveMQ versions earlier than...