342 matches found
CVE-2023-53152
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix calltrace warning in amddrmbuddyfini The following call trace is observed when removing the amdgpu driver, which is caused by that BOs allocated for psp are not freed until removing. 61811.450562 RIP:...
Linux Distros Unpatched Vulnerability : CVE-2023-39039
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information leak in Camp Style Project Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages. CVE-2023-39039 Note that...
TYPO3 CSV download feature information disclosure
Missing authorization checks in the CSV download feature of TYPO3 CMS versions 11.0.0‑11.5.47, 12.0.0‑12.4.36, and 13.0.0‑13.4.17 allow backend users to disclose information from arbitrary database tables stored within the users' web mounts without having access to them...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization due to inconsistent checks in the backend routing. An attacker can gain unauthorized access to backend AJAX routes by directly invoking them without proper permissions. Note: Additional fixed versions are available...
Linux Distros Unpatched Vulnerability : CVE-2021-22234
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.11 before 13.11.7, all versions starting from 13.12 before 13.12.8, and all...
CVE-2025-43187
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.6. Running an hdiutil command may unexpectedly execute arbitrary code...
Linux Distros Unpatched Vulnerability : CVE-2021-22252
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A confusion between tag and branch names in GitLab CE/EE affecting all versions since 13.7 allowed a Developer to access protected CI variables which should onl...
CVE-2010-20120
Maple versions up to and including 13's Maplet framework allows embedded commands to be executed automatically when a .maplet file is opened. This behavior bypasses standard security restrictions that normally prevent code execution in regular Maple worksheets. The vulnerability enables attackers...
CVE-2010-20120 Maple <= v13 Maplet File Creation and Command Execution
Maple versions up to and including 13's Maplet framework allows embedded commands to be executed automatically when a .maplet file is opened. This behavior bypasses standard security restrictions that normally prevent code execution in regular Maple worksheets. The vulnerability enables attackers...
CVE-2010-20120
Maple versions up to and including 13's Maplet framework allows embedded commands to be executed automatically when a .maplet file is opened. This behavior bypasses standard security restrictions that normally prevent code execution in regular Maple worksheets. The vulnerability enables attackers...
CVE-2010-20120 Maple <= v13 Maplet File Creation and Command Execution
Maple versions up to and including 13's Maplet framework allows embedded commands to be executed automatically when a .maplet file is opened. This behavior bypasses standard security restrictions that normally prevent code execution in regular Maple worksheets. The vulnerability enables attackers...
Linux Distros Unpatched Vulnerability : CVE-2019-15605
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed CVE-2019-15605 Note that Nessus relies on...
Linux Distros Unpatched Vulnerability : CVE-2021-22192
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2 allowing unauthorized authenticated users to execute arbitrary code on th...
Linux Distros Unpatched Vulnerability : CVE-2021-22233
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability in GitLab EE versions 13.10 and later allowed a user to read project details CVE-2021-22233 Note that Nessus relies on t...
Malicious code in botprotect-v13 (npm)
The package botprotect-v13 was found to contain malicious code...
DLA-4273-1 postgresql-13 - security update
Bulletin has no description...
CVE-2025-5072
Resource leak vulnerability in ASR180x、ASR190x in conmgr allows Resource Leak Exposure.This issue affects FalconLinux、Kestrel、LapwingLinux: before v1536...
CVE-2025-27706
CVE-2025-27706 is a cross-site scripting vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with system administrator permissions can interfere with another system administrator’s use of the management console when the second administrator visits t...
Absolute Secure Access 访问控制错误漏洞
Absolute Secure Access is an application from Absolute, Inc. to provide Secure Service Edge SSE optimized for hybrid and mobile working models. A security vulnerability exists in versions prior to Absolute Secure Access 13.54 that stems from improper authorization of the management console, which...
CVE-2023-22335
Improper access control vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1.8 and earlier allows a remote attacker to bypass access restriction and download an arbitrary file of the directory where the product runs. As a result of exploiting this vulnerability with...