RDMA/erdma: Prevent use-after-free in erdma_accept_newconn()

...

Rails Ruby on Rails Path Traversal Vulnerability

Rails Ruby on Rails contains a path traversal vulnerability in Action View. Specially crafted accept headers in combination with calls to render file: can cause arbitrary files on the target server to be rendered, disclosing the file contents...

VulnCheck KEV: CVE-2019-5418

There is a File Content Disclosure vulnerability in Action View 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed...

CVE-2025-36593

Dell OpenManage Network Integration, versions prior to 3.8, contains an Authentication Bypass by Capture-replay vulnerability in the RADIUS protocol. An attacker with local network access could potentially exploit this vulnerability to forge a valid protocol accept message in response to a failed...

CVE-2025-53309

Insertion of Sensitive Information Into Sent Data vulnerability in ZealousWeb Accept Stripe Payments Using Contact Form 7 accept-stripe-payments-using-contact-form-7 allows Retrieve Embedded Sensitive Data.This issue affects Accept Stripe Payments Using Contact Form 7: from n/a through = 3.0...

CVE-2025-53322

Insertion of Sensitive Information Into Sent Data vulnerability in ZealousWeb Accept Authorize.NET Payments Using Contact Form 7 accept-authorize-net-payments-using-contact-form-7 allows Retrieve Embedded Sensitive Data.This issue affects Accept Authorize.NET Payments Using Contact Form 7: from n...

CVE-2025-53309

Insertion of Sensitive Information Into Sent Data vulnerability in ZealousWeb Accept Stripe Payments Using Contact Form 7 accept-stripe-payments-using-contact-form-7 allows Retrieve Embedded Sensitive Data.This issue affects Accept Stripe Payments Using Contact Form 7: from n/a through = 3.0...

CVE-2025-53322 WordPress Accept Authorize.NET Payments Using Contact Form 7 plugin <= 2.5 - Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in ZealousWeb Accept Authorize.NET Payments Using Contact Form 7 accept-authorize-net-payments-using-contact-form-7 allows Retrieve Embedded Sensitive Data.This issue affects Accept Authorize.NET Payments Using Contact Form 7: from n...

CVE-2025-53309

CVE-2025-53309 refers to a vulnerability in the WordPress plugin Accept Stripe Payments Using Contact Form 7 (versions 3.0 and earlier). The issue is described as Insertion of Sensitive Information Into Sent Data, enabling retrieval of embedded sensitive data. Public sources in the provided docum...

CVE-2025-53309 WordPress Accept Stripe Payments Using Contact Form 7 plugin <= 3.0 - Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in ZealousWeb Accept Stripe Payments Using Contact Form 7 accept-stripe-payments-using-contact-form-7 allows Retrieve Embedded Sensitive Data.This issue affects Accept Stripe Payments Using Contact Form 7: from n/a through = 3.0...

OESA-2025-1686 rubygem-rack security update

Rack provides a minimal, modular, and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a single...

OESA-2025-1684 rubygem-rack security update

Rack provides a minimal, modular, and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a single...

WordPress plugin Accept Stripe Payments Using Contact Form 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress plugin Accept...

PT-2025-27218 · Unknown · Accept Authorize.Net Payments Using Contact Form 7

Name of the Vulnerable Software and Affected Versions: Accept Authorize.NET Payments Using Contact Form 7 versions 2.5 and earlier Description: The issue allows for the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. Recommendations: For Accept...

SUSE CVE-2025-38079

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed. However, it is also freed in afalgrelease, leading to...

AZL-64007 CVE-2025-38079 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed. However, it is also freed in afalgrelease, leading to...

UBUNTU-CVE-2025-38079

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed. However, it is also freed in afalgrelease, leading to...

CVE-2025-38079 crypto: algif_hash - fix double free in hash_accept

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed. However, it is also freed in afalgrelease, leading to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a double release in hashaccept, which could lead to memory reuse after release...

CVE-2024-32924

In DeregAcceptProcINT of cnNrmmStateDeregInit.cpp, there is a possible denial of service due to a logic error in the code. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...