8 matches found
SUSE CVE-2026-32726
SciTokens C++ is a minimal library for creating and using SciTokens from C or C++. Prior to version 1.4.1, scitokens-cpp is vulnerable to an authorization bypass in path-based scope validation. The enforcer used a simple string-prefix comparison when checking whether a requested resource path was...
CVE-2025-69248 free5GC has Array Index Out of Bounds in AMF Leading to Denial of Service
free5GC is an open-source project for 5th generation 5G mobile core networks. Versions up to and including 1.4.1 of free5GC's AMF service have a Buffer Overflow vulnerability leading to Denial of Service. Remote unauthenticated attackers can crash the AMF service by sending a specially crafted NA...
CVE-2025-62370 Alloy Core has a DoS vulnerability on `alloy_dyn_abi::TypedData` hashing
Alloy Core libraries at the root of the Rust Ethereum ecosystem. Prior to 0.8.26 and 1.4.1, an uncaught panic triggered by malformed input to alloydynabi::TypedData could lead to a denial-of-service DoS via eip712signinghash. Software with high availability requirements such as network services m...
WordPress MachForm Shortcode plugin <= 1.4.1 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin MachForm Shortcode versions = 1.4.1...
WordPress plugin Send Emails with Mandrill 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
UBUNTU-CVE-2018-11743
The initcopy function in kernel.c in mruby 1.4.1 makes initializecopy calls for TTICLASS objects, which allows attackers to cause a denial of service mrbhashkeys uninitialized pointer and application crash or possibly have unspecified other impact...
qemu: guest agent creates files with insecure permissions in deamon mode
The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files...
xfree86: information disclosure via TOG-CUP extension
The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index...