PT-2025-7874 · Wpchill · Strong Testimonials

Name of the Vulnerable Software and Affected Versions: Strong Testimonials versions prior to 3.2.4 Description: A Missing Authorization issue in WP Chill Strong Testimonials allows accessing functionality not properly constrained by ACLs. Recommendations: For versions prior to 3.2.4, update to...

OpenHarmony 安全漏洞

OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom Foundation OpenAtom Foundation Foundation. A security vulnerability exists in OpenHarmony prior to version v3.2.4. A local attacker exploiting the vulnerability could cause an application to crash via type...

PT-2024-22708 · Unknown · Openharmony

Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 3.2.4 Description: The issue allows a local attacker to cause a denial of service DOS through a stack overflow. Recommendations: For versions prior to 3.2.4, update to a version that contains a fix for this issue...

PT-2024-19205 · Unknown · Openharmony

Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 3.2.4 Description: The issue allows a local attacker to execute arbitrary code in any apps through use after free. Recommendations: For versions prior to 3.2.4, update to a version that contains a fix for this...

PT-2024-13681 · Unknown · Openharmony

Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 3.2.4 Description: The issue allows a local attacker to cause an information leak through an out-of-bounds read. Recommendations: For OpenHarmony versions prior to 3.2.4, update to a version newer than 3.2.4 to...

Shibboleth 代码问题漏洞

Shibboleth is an open source SAML protocol web single sign-on system for Windows based platforms from Shibboleth, UK. A security vulnerability exists in Shibboleth XMLTooling prior to version 3.2.4, which is caused by server-side request forgery SSRF via a specially crafted KeyInfo element...

CVE-2021-24656

The Simple Social Media Share Buttons WordPress plugin before 3.2.4 does not escape the Share Title settings before outputting it in the frontend pages or posts depending on the settings used, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml...

CVE-2021-24512

The Video Posts Webcam Recorder WordPress plugin before 3.2.4 has an authenticated reflected cross site scripting XSS vulnerability in one of the administrative functions for handling deletion of videos...

ALPINE-CVE-2020-14387

A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperly validates certificate with host mismatch vulnerability. A remote, unauthenticated attacker could exploit the flaw by performing a man-in-the-middle attack using a valid certificate for another hostname which could compromise...

DEBIAN-CVE-2020-14387

A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperly validates certificate with host mismatch vulnerability. A remote, unauthenticated attacker could exploit the flaw by performing a man-in-the-middle attack using a valid certificate for another hostname which could compromise...

Mercurial sshpeer '_validaterepo' function arbitrary command execution vulnerability

Mercurial is a software developer Matt Mackall developed a set of cross-platform distributed version control software written in the Python language . The software supports the simultaneous processing of plain text and binary files and so on. A security vulnerability exists in the 'validaterepo'...