CVE-2026-39832 affecting package packer for versions less than 1.9.5-14

CVE-2026-39832 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...

Astra Linux - уязвимость в unbound

Before version 1.9.5, Unbound allowed an out-of-bounds write operation through a compressed name in rdatacopy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, an ongoing Unbound installation cannot be remotely or locally exploited...

AZL-76980 CVE-2025-58190 affecting package packer for versions less than 1.9.5-18

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...

AZL-54401 CVE-2024-45338 affecting package packer for versions less than 1.9.5-7

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...

WordPress plugin directory-pro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

SUSE CVE-2019-25031

Unbound before 1.9.5 allows configuration injection in createunboundadservers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session. NOTE: The vendor does not consider this a vulnerability of the Unbound software. createunboundadservers.sh is a contributed script from the...

CVE-2022-2189

The WP Video Lightbox WordPress plugin before 1.9.5 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

CVE-2022-2189

The WP Video Lightbox WordPress plugin before 1.9.5 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

WordPress plugin Pricing Table by Supsystic 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Pricing Table by Supsystic plugin versions prior to 1.9.5 contain a cross-site scripting...

openSUSE 15 Security Update : unbound (openSUSE-SU-2022:0176-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0176-1 advisory. - DISPUTED Unbound before 1.9.5 allows configuration injection in createunboundadservers.sh upon a successful man-in-the-middle attack...

CVE-2021-24896

The Caldera Forms WordPress plugin before 1.9.5 does not sanitise and escape the Form Name before outputting it in attributes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

Unbound Integer Overflow Vulnerability

Unbound is a DNS resolver that supports validation, recursion, and caching features. An integer overflow vulnerability exists in the size calculation in respip/respip.c in versions of Unbound prior to 1.9.5. No detailed vulnerability details are provided at this time...

UBUNTU-CVE-2019-25031

Unbound before 1.9.5 allows configuration injection in createunboundadservers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session. NOTE: The vendor does not consider this a vulnerability of the Unbound software. createunboundadservers.sh is a contributed script from the...

NLnet Labs Unbound 输入验证错误漏洞

Unbound is a DNS resolver that supports validation, recursion, and caching features. An integer overflow vulnerability exists in the region allocator in versions of Unbound prior to 1.9.5. An attacker can exploit this vulnerability to cause an integer overflow via regionalloc...

Unbound 输入验证错误漏洞

Unbound is a DNS resolver that supports validation, recursion, and caching features. An integer overflow vulnerability exists in the size calculation in dnscrypt/dnscrypt.c in versions of Unbound prior to 1.9.5. No detailed vulnerability details are provided at this time...

NLnet Labs Unbound 输入验证错误漏洞

Unbound is a DNS resolver that supports validation, recursion, and caching features. An integer overflow vulnerability exists in the size calculation in respip/respip.c in versions of Unbound prior to 1.9.5. No detailed vulnerability details are provided at this time...

Sudo Backlink Vulnerability

Sudo is a program used on Unix-like systems that allows users to execute commands with special privileges in a secure manner. A backlink vulnerability exists in versions of Sudo prior to 1.9.5 that allows an attacker to test for the existence of a directory anywhere on the file system...

Sudo Backlink Vulnerability

Sudo is a program used on Unix-like systems that allows users to execute commands with special privileges in a secure manner. A backlink vulnerability exists in versions of sudo prior to 1.9.5, which can be exploited by an attacker to change the ownership of arbitrary files using sudoedit...

PT-2019-6132 · Nlnet +8 · Unbound +8

Name of the Vulnerable Software and Affected Versions: Unbound versions prior to 1.9.5 Description: The issue is related to an integer overflow in a size calculation in respip/respip.c. Although the vendor disputes that this is a vulnerability, the code may be vulnerable. However, a running Unbou...

KMail 1.x GnuPG Arbitrary Content Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22759/info KMail is prone to a vulnerability that may allow an attacker to add arbitrary content into a message without the end user knowing. An attacker may be able to exploit this issue to add arbitrary content into a...