SUSE CVE-2026-7835
A format string argument mismatch in Netatalk 3.0.3 through 4.4.2 allows a remote authenticated attacker to cause a minor denial of service via crafted input that triggers incorrect format string processing...
CVE-2026-7835
Netatalk 3.0.3–4.4.2 are affected by a format string argument mismatch. The issue (CVE-2026-7835) is fixed in 4.5.0. Discussions indicate that a remote authenticated attacker could cause a minor denial of service via crafted input; CVSS indicates Low impact. Recommended remediation: upgrade to Netatalk 4....
CVE-2026-7835
A format string argument mismatch in Netatalk 3.0.3 through 4.4.2 allows a remote authenticated attacker to cause a minor denial of service via crafted input that triggers incorrect format string processing...
3extensions (=1.0.1), @51jbs/incremental-coverage-plugin (=1.0.5) +541 more potentially affected by CVE-2022-25912 +1 more via simple-git (>=3.0.3 <=3.35.2)
simple-git NPM version =3.0.3, =1.0.1, =1.0.1, =0.0.0-ad-beta.1, =0.0.0-aj-beta.3, =23.0.0, =35.0.0, =1.4.0, =0.1.5-alpha.0, =1.0.2, =0.0.0-aj-beta.221, =8.7.2, =8.11.4 and more Source cves: CVE-2022-25912, CVE-2026-6951 Source advisory: SNYK:JS-SIMPLEGIT-15456078...
CVE-2025-67975
Missing Authorization vulnerability in aDirectory aDirectory adirectory allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects aDirectory: from n/a through <= 3.0.3...
WordPress Nirweb support plugin <= 3.0.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Fariq Fadillah Gusti Insani (Patchstack Alliance) in WordPress Plugin Nirweb support versions <= 3.0.3...
WordPress Sur.ly plugin <= 3.0.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Mika in WordPress Plugin Sur.ly versions <= 3.0.3...
Combodo iTop cross-site scripting vulnerability
Combodo iTop is a set of open source web applications developed by Combodo France based on ITIL and used for the daily operation of IT environments. The program provides incident management, configuration management and problem management. A cross-site scripting vulnerability exists in Combodo iT...
CVE-2024-45152
Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-45141
Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-45139
Substance3D - Stager versions 3.0.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
PT-2024-7113 · Adobe · Substance3D - Stager
Name of the Vulnerable Software and Affected Versions: Substance3D - Stager versions 3.0.3 and earlier. Description: The issue is a Heap-based Buffer Overflow that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction, whe...
PT-2024-7120 · Adobe · Substance3D - Stager
Name of the Vulnerable Software and Affected Versions: Substance3D - Stager versions 3.0.3 and earlier. Description: The issue is caused by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires use...
Fluent Bit security vulnerability
Fluent Bit is an open source log processing and analysis system written in C. A security vulnerability exists in Fluent Bit versions 2.0.7 through 3.0.3, which stems from a security issue in the parsing of trace requests by the http server that could lead to a denial of service condition,...
AZL-35901 CVE-2024-28180 affecting package packer for versions less than 1.9.5-6
Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if t...
CVE-2023-28440
Discourse is an open source platform for community discussion. In affected versions a maliciously crafted request from a Discourse administrator can lead to a long-running request and eventual timeout. This has the greatest potential impact in shared hosting environments where admins are untruste...
Apache Spark <= 3.0.3 / 3.1.1 < 3.1.3 / 3.2.x < 3.2.1 RCE (CVE-2022-33891)
Binary data apachesparkcve-2022-33891.nbin...
K33828251: Apache Spark vulnerability CVE-2022-33891
Security Advisory Description: The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in...
SUSE CVE-2022-39047
Freeciv before 2.6.7 and before 3.0.3 is prone to a buffer overflow vulnerability in the Modpack Installer utility's handling of the modpack URL...
@51jbs/incremental-coverage-plugin (=1.0.5), @51jbs/spec-plugin (=2.0.0) +98 more potentially affected by CVE-2022-25860 +1 more via simple-git (>=3.0.3 <=3.15.1)
simple-git NPM version =3.0.3, =0.0.0-ad-beta.1, =0.0.0-aj-beta.3, =5.26.6, =14.24.1, =2.0.0, =0.0.64, =1.0.1-beta.0, =2.2.0, =2.3.2 and more Source cves: CVE-2022-25860, CVE-2022-25912 Source advisory: SNYK:JS-SIMPLEGIT-3177391...