16 matches found
Astra Linux - vulnerability in munge
MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, a local attacker can exploit a buffer overflow vulnerability in munged, the MUNGE authentication daemon, to leak cryptographic key material from process memory. With the leaked key material, the...
Astra Linux - vulnerability in libmysofa
Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions e.g. in embedded environment...
PT-2026-1299
Name of the Vulnerable Software and Affected Versions: Corourke iPhone Webclip Manager versions through 0.5 Description: The software contains a flaw related to improper input handling during web page generation, leading to a potential Cross-site Scripting (XSS) issue. Specifically, the vulnerability...
WordPress plugin iPhone Webclip Manager cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin.... A cross-site...
EUVD-2025-30583
Malicious code in bioql PyPI...
PT-2025-38901
Name of the Vulnerable Software and Affected Versions: Mayo Moriyama Force Update Translations versions through 0.5 Description: A Cross-Site Request Forgery (CSRF) issue exists in Force Update Translations. This allows attackers to perform actions on behalf of unsuspecting users. The issue allows...
WordPress plugin WP Github Gist cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A cross-site...
Linux Distros Unpatched Vulnerability : CVE-2020-36152
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA. CVE-2020-36152...
WordPress plugin Comment Validation Reloaded cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...
WordPress Shuffle plugin <= 0.5 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Trương Hữu Phúc (truonghuuphuc) in WordPress Theme Shuffle versions <= 0.5...
PT-2025-5932 · Unknown · Bnielsen Indeed Api
Name of the Vulnerable Software and Affected Versions: bnielsen Indeed API versions 0.5 and earlier Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This is achieved by tricking the user into...
SUSE CVE-2020-36150
Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block...
PT-2021-11932 · Libmysofa +1 · Libmysofa +1
Name of the Vulnerable Software and Affected Versions: libmysofa library versions 0.5 through 1.1 Description: The issue arises from incorrect handling of input data in the loudness function within the libmysofa library, leading to a heap buffer overflow and access to an unallocated memory block...
PT-2021-11933 · Libmysofa +1 · Libmysofa +1
Name of the Vulnerable Software and Affected Versions: libmysofa versions 0.5 through 1.1 Description: The issue arises from incorrect handling of input data in the mysofa_resampler_reset_mem function, leading to a heap buffer overflow and the potential overwriting of a large memory block...
PT-2021-11934 · Symonics +2 · Libmysofa +2
Name of the Vulnerable Software and Affected Versions: Symonics libmysofa versions 0.5 through 1.1 Description: The issue allows attackers to execute arbitrary code via a crafted SOFA file, due to a buffer overflow in the readDataVar function in hdf/dataobject.c. Recommendations: For versions 0.5...
[SCSA-024] BES-CMS including file vulnerability
Security Corporation Security Advisory SCSA-024 BES-CMS including file vulnerability PROGRAM: BES-CMS HOMEPAGE: http://bes.h6p.org VULNERABLE VERSIONS: 0.4...