CVE-2025-40818

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP4. Affected applications contain private SSL/TLS keys on the server that are not properly protected allowing any user with server access to read these keys. This could allow an authenticated attacker to...

CVE-2025-59432

SCRAM Salted Challenge Response Authentication Mechanism is part of the family of Simple Authentication and Security Layer SASL, RFC 4422 authentication mechanisms. Prior to version 3.2, a timing attack vulnerability exists in the SCRAM Java implementation. The issue arises because Arrays.equals...

Linux Distros Unpatched Vulnerability : CVE-2022-1934

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use After Free in GitHub repository mruby/mruby prior to 3.2. CVE-2022-1934 Note that Nessus relies on the presence of the package as reported by the vendor...

Combodo iTop 访问控制错误漏洞

Combodo iTop is a suite of open source web applications developed by Combodo France based on ITIL and used for the day-to-day operation of IT environments. The program provides incident management, configuration management, and problem management functionality. An Access Control Error vulnerabili...

CVE-2024-39871

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. Affected applications do not properly separate the rights to edit device settings and to edit settings for communication relations. This could allow an authenticated attacker with the permission to manage...

CVE-2024-39867

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. Affected devices do not properly validate the authentication when performing certain actions in the web interface allowing an unauthenticated attacker to access and edit device configuration information of...

Zope Products.CMFCore 安全漏洞

Products.CMFCore is a key framework service for the Zope Content Management Framework CMF. A security vulnerability exists in Zope Products.CMFCore versions prior to 3.2, which stems from the presence of unchecked input and could lead to an unauthenticated denial of service and crash...

phpMyFAQ 跨站脚本漏洞

phpMyFAQ is a multi-language, fully database-driven FAQ system by the individual developer Thorsten Rinne. A cross-site scripting vulnerability exists in versions prior to phpMyFAQ 3.2.0-beta.2, which stems from vulnerability to reflective cross-site scripting XSS attacks...

SUSE CVE-2022-0326

NULL Pointer Dereference in Homebrew mruby prior to 3.2...

SUSE CVE-2022-1201

NULL Pointer Dereference in mrbvmexec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system...

WordPress plugin Posts List Designer by Category 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

CVE-2022-3150

The WP Custom Cursors WordPress plugin before 3.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privileged users such as admin...

UBUNTU-CVE-2022-1427

Out-of-bounds Read in mrbobjiskindof in in GitHub repository mruby/mruby prior to 3.2. Impact: Possible arbitrary code execution if being exploited...

DEBIAN-CVE-2022-1286

heap-buffer-overflow in mrbvmexec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited...

mruby 资源管理错误漏洞

mruby is a lightweight implementation of the Ruby language. A resource management error vulnerability exists in the GitHub repository mruby/mruby versions prior to 3.2, which stems from the reuse of struescape after release. An attacker could exploit this vulnerability to execute arbitrary code...

DEBIAN-CVE-2022-1201

NULL Pointer Dereference in mrbvmexec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system...

mruby 代码问题漏洞

mruby is a lightweight implementation of the Ruby language. A code issue vulnerability exists in versions prior to mruby 3.2 that can cause the mruby interpreter to crash, which can affect system availability...

UBUNTU-CVE-2022-1106

use after free in mrbvmexec in GitHub repository mruby/mruby prior to 3.2...

mruby 资源管理错误漏洞

mruby is a lightweight implementation of the Ruby language. A security vulnerability exists in the GitHub repository mruby/mruby versions prior to 3.2, which stems from a heap buffer overflow in mrbvmexec in mruby/mruby. An attacker could exploit this vulnerability to execute arbitrary code...

DEBIAN-CVE-2022-1071

User after free in mrbvmexec in GitHub repository mruby/mruby prior to 3.2...