Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: platform/surface: aggregator: Add a missing call to ssamrequestsyncfree Although rare, ssamrequestsyncinit can fail. In that case, the request should be freed using ssamrequestsyncfree. Currently, the request is instead leaked. F...

EUVD-2012-0852

Malware in sbrugna...

EUVD-2025-9378

Malicious code in bioql PyPI...

Incorrect Authorization

Overview org.wso2.am:am-parent is a WSO2 API Manager - Aggregator Module Affected versions of this package are vulnerable to Incorrect Authorization due to a business logic flaw in SOAP admin services. An attacker can create a new user with elevated permissions by exploiting accessible SOAP admin...

PT-2024-11812 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue is related to a missing call to ssam request sync free in the platform/surface: aggregator component. Although rare, ss...

CVE-2015-4355

Cross-site request forgery CSRF vulnerability in the Watchdog Aggregator module for Drupal allows remote attackers to hijack the authentication of administrators for requests that enable or disable monitoring sites via unspecified vectors...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Aggregator module in Drupal 6.x before 6.23 and 7.x before 7.11 allows remote attackers to hijack the authentication of unspecified victims for requests that update feeds and possibly cause a denial of service loss of updates due to rate limit...

CVE-2012-0826

CVE-2012-0826 is a CSRF vulnerability in Drupal’s Aggregator module affecting Drupal 6.x before 6.23 and 7.x before 7.11. The issue allows remote attackers to hijack the authentication of unspecified victims for requests that update feeds and may cause a denial of service via rate-limited updates...

FreeBSD : drupal -- multiple vulnerabilities (10720fe8-51e0-11e1-91c1-00215c6a37bb)

Drupal development team reports : Cross Site Request Forgery vulnerability in Aggregator module CVE: CVE-2012-0826 A CSRF vulnerability can force an aggregator feed to update. Since some services are rate-limited e.g. Twitter limits requests to 150 per hour this could lead to a denial of service...

CVE-2008-0272

Cross-site request forgery CSRF vulnerability in the aggregator module in Drupal 4.7.x before 4.7.11 and 5.x before 5.6 allows remote attackers to delete items from a feed as privileged users...

CVE-2008-0272

Cross-site request forgery CSRF vulnerability in the aggregator module in Drupal 4.7.x before 4.7.11 and 5.x before 5.6 allows remote attackers to delete items from a feed as privileged users...

CVE-2008-0272

CVE-2008-0272 affects the Drupal aggregator module (Drupal 4.7.x before 4.7.11 and 5.x before 5.6). The issue is a cross-site request forgery that lets remote attackers delete items from a feed as privileged users, using a simple GET request. OpenVAS/NVD entries corroborate the CSRF wording and i...

CVE-2008-0272

Cross-site request forgery CSRF vulnerability in the aggregator module in Drupal 4.7.x before 4.7.11 and 5.x before 5.6 allows remote attackers to delete items from a feed as privileged users...

drupal -- cross site request forgery

The Drupal Project reports: The aggregator module fetches items from RSS feeds and makes them available on the site. The module provides an option to remove items from a particular feed. This has been implemented as a simple GET request and is therefore vulnerable to cross site request forgeries...

[DRUPAL-SA-2006-024] Drupal 4.6.10 / 4.7.4 fixes multiple XSS issues

------------------------------------------------------------------------ ---- Drupal security advisory DRUPAL-SA-2006-024 ------------------------------------------------------------------------ ---- Project: Drupal core Date: 2006-Oct-18 Security risk: Moderately critical Exploitable from: Remot...

FreeBSD : drupal -- multiple XSS vulnerabilities (b2383758-5f15-11db-ae08-0008743bf21a)

The Drupal Team reports : A bug in input validation and lack of output validation allows HTML and script insertion on several pages. Drupal's XML parser passes unescaped data to watchdog under certain circumstances. A malicious user may execute an XSS attack via a specially crafted RSS feed. This...

drupal -- multiple XSS vulnerabilities

The Drupal Team reports: A bug in input validation and lack of output validation allows HTML and script insertion on several pages. Drupal's XML parser passes unescaped data to watchdog under certain circumstances. A malicious user may execute an XSS attack via a specially crafted RSS feed. This...

DRUPAL-SA-2006-024 - Drupal core - Multiple cross site scripting vulnerabilities

Multiple XSS cross site scripting vulnerabilities have been discovered. A bug in input validation and lack of output validation allows HTML and script insertion on several pages. Drupal's XML parser passes unescaped data to watchdog under certain circumstances. A malicious user may execute an XSS...