CVE-2024-11399

CVE-2024-11399 affects Synology BeeDrive for Desktop (redis-server component) prior to version 1.3.2-13814. Local users can trigger a denial-of-service via unspecified vectors, with impact on availability (CVSSv3.1: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H). Root cause details are not specified in the...

CVE-2025-64186

The CVE concerns the evervault-go SDK used for enclave attestation. A vulnerability in versions prior to 1.3.2 allowed incomplete attestation documents to pass validation, potentially causing a client to trust an enclave operator that does not meet integrity guarantees. The issue centers on insuf...

Evervault Go SDK 数据伪造问题漏洞

Evervault Go SDK is an open source development toolkit from Evervault. A Data Forgery Issue vulnerability exists in Evervault Go SDK versions prior to 1.3.2, which stems from incomplete validation logic that could lead to trusting an enclave operator that does not meet integrity guarantees...

CVE-2011-10017

Snort Report versions 1.3.2 contains a remote command execution vulnerability in the nmap.php and nbtscan.php scripts. These scripts fail to properly sanitize user input passed via the target GET parameter, allowing attackers to inject arbitrary shell commands. Exploitation requires no...

PT-2025-33086 · Snort +1 · Snort +1

Name of the Vulnerable Software and Affected Versions: Snort versions prior to 1.3.2 Description: Snort Report versions prior to 1.3.2 contain a remote command execution issue in the nmap.php and nbtscan.php scripts. These scripts do not properly sanitize user input received through the target GE...

CVE-2020-7126

A remote server-side request forgery ssrf vulnerability was discovered in Aruba Airwave Software versions: Prior to 1.3.2...

Ratify 授权问题漏洞

Ratify is an artifact approval framework CNCF sandbox from Ratify open source. An authorization issue vulnerability exists in Ratify version 1.2.3 and prior to version 1.3.2 that stems from the Azure Authentication Provider not verifying that the target registry is ACR, which could lead to misuse...

Grist 跨站脚本漏洞

Grist is a modern relational spreadsheet open-sourced by Grist. A cross-site scripting vulnerability exists in Grist versions prior to 1.3.2, which stems from a JavaScript in an SVG file that can be executed in the context of the user's current page, thereby compromising the account of a user who...

PT-2024-18356 · WordPress · Vikrentcar Car Rental Management System

Name of the Vulnerable Software and Affected Versions: VikRentCar Car Rental Management System WordPress plugin versions prior to 1.3.2 Description: The issue is related to the lack of CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions via CSR...

Nextcloud 安全漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in versions prior to Nextcloud 1.3.2, which stems from the ability to break/bypass authentication in the application...

WordPress plugin HUSKY 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

Microweber 代码问题漏洞

Microweber is an online store management system that provides drag and drop functionality from the Microweber community in the United States. The system includes modules for adding products, images, and more. A code issue vulnerability exists in Microweber versions prior to 1.3.2, which stems fro...

WordPress 安全漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. WordPress Tab plugin version before 1.3.2 has...

ALPINE-CVE-2021-3121

An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue...

PYSEC-2020-60

A stored cross-site scripting XSS vulnerability affects the Web UI in Locust before 1.3.2, if the installation violates the usage expectations by exposing this UI to outside users...

Aruba Networks Aruba Airwave Remote Command Execution Vulnerability

Aruba Networks Aruba Airwave is Aruba Networks' software for visualizing, tracking, and managing wired wireless networks. A remote command execution vulnerability exists in Aruba Airwave Software versions prior to 1.3.2, which can be exploited by an unauthenticated attacker to remotely execute...

CVE-2020-7128

A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software versions: Prior to 1.3.2...

Aruba Airwave Software Remote Command Execution Vulnerability (CNVD-2020-59213)

Aruba Airwave Software is a network monitoring software that helps users view real-time data and situational reports for every user, device, and segment of the network. A remote command execution vulnerability exists in Aruba Airwave Software versions prior to 1.3.2. An attacker can exploit this...

Aruba Airwave Software Unauthorized Access Vulnerability

Aruba Airwave Software is a network monitoring software that helps users view real-time data and situational reports for every user, device, and segment of the network. An unauthorized access vulnerability exists in Aruba Airwave Software versions prior to 1.3.2. An attacker could exploit this...

Aruba Airwave Software Remote Command Execution Vulnerability

Aruba Airwave Software is a network monitoring software that helps users view real-time data and situational reports for every user, device, and segment of the network. A remote command execution vulnerability exists in Aruba Airwave Software versions prior to 1.3.2. An attacker can exploit this...