10 matches found
SUSE-SU-2026:0685-1 Security update for valkey
This update for valkey fixes the following issues: Update to version 8.0.7. Security issues fixed: - CVE-2025-67733: data tampering and denial of service via improper null character handling in Lua scripts bsc1258746. - CVE-2026-21863: denial of service via invalid clusterbus packet bsc1258788...
CVE-2025-3583
The Newsletter WordPress plugin before 8.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-23333 LAM vulnerable to Authenticated Remote Code Execution
LDAP Account Manager LAM is a webfrontend for managing entries stored in an LDAP directory. LAM's log configuration allows to specify arbitrary paths for log files. Prior to version 8.7, an attacker could exploit this by creating a PHP file and cause LAM to log some PHP code to this file. When th...
PT-2024-14933 · Hypr · Hypr Workforce Access
Name of the Vulnerable Software and Affected Versions: HYPR Workforce Access versions prior to 8.7 Description: The issue is related to an Improper Link Resolution Before File Access, also known as 'Link Following', which allows User-Controlled Filename. This affects HYPR Workforce Access on MacO...
HYPR Backlink Vulnerability
HYPR is a security application from HYPR that implements password-less security. A security vulnerability exists in HYPR Workforce Access prior to version 8.7 that stems from an incorrectly resolved file access link that allows a user to take control of a file name...
SAMSUNG Mobile devices security vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices version 8.7.00.1, which stems from improper authorization of Samsung Assistant PushMsgReceive...
SUSE CVE-2016-20012
OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE...
Unspecified Vulnerability in Oracle Sun Systems Products Suite Sun ZFS Storage Appliance Kit Component (CNVD-2019-36189)
Oracle Sun Systems Products Suite is a suite of Sun systems products from Oracle Corporation.Sun ZFS Storage Appliance Kit AK is one of the ZFS storage appliance kits. A security vulnerability exists in the HTTP data path subsystems subcomponent of the Sun ZFS Storage AK prior to version 8.7.18...
CVE-2018-2921
Vulnerability in the Sun ZFS Storage Appliance Kit AK component of Oracle Sun Systems Products Suite subcomponent: User Interface. The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
BMC Server Automation Authentication Bypass Vulnerability
BMC Server Automation is a suite of platforms for managing, controlling, and enforcing configuration changes in data centers from BMC Software, USA. An authentication bypass vulnerability exists in BMC Server Automation version 8.7 Patch 2 and earlier. An attacker could exploit this vulnerability...