2N Access Commander 安全漏洞

2N Access Commander is an access control solution provided by 2N Corporation. Versions of 2N Access Commander prior to 3.4.2 contained a security vulnerability. This vulnerability stemmed from the return of an HTTP 500 internal server error when processing malformed or manipulated requests. This...

CVE-2025-27821

Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue...

CVE-2023-4145

Cross-site Scripting XSS - Stored in GitHub repository pimcore/customer-data-framework prior to 3.4.2...

WordPress Wilmër theme < 3.4.2 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Bonds Patchstack Alliance in WordPress Theme Wilmër versions 3.4.2...

WordPress plugin EditionGuard for WooCommerce – eBook Sales with DRM 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin EditionGuard for WooCommer...

WordPress plugin WP OAuth Server 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

CVE-2021-24739

The Logo Carousel WordPress plugin before 3.4.2 allows users with a role as low as Contributor to duplicate and view arbitrary private posts made by other users via the Carousel Duplication feature...

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress Logo Carousel plugin has a cross-site scripting vulnerability in versions prior to 3.4.2, which stems from a lack o...

CVE-2020-9308

archivereadsupportformatrar5.c in libarchive before 3.4.2 attempts to unpack a RAR5 file with an invalid or corrupted header such as a header size of zero, leading to a SIGSEGV or possibly unspecified other impact...

Denial Of Service (DoS)

kernel-rt is vulnerable to denial of service DoS attacks. The vulnerability exists through a memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 allows local users to cause a denial of service memory consumption or system crash via invalid MAPHUGETLB mmap operations...

Cross-Site Request Forgery Vulnerability in Joomla!

Joomla! is an open source content management system CMS. A cross-site request forgery vulnerability exists in Joomla! versions 3.2.0 through 3.3.x, and 3.4.x before 3.4.2, which allows remote attackers to hijack requests to upload code via unknown vectors...

CVE-2012-3805

Multiple cross-site scripting XSS vulnerabilities in the getAllPassedParams function in system/functions.php in Kajona before 3.4.2 allow remote attackers to inject arbitrary web script or HTML via the 1 absendername, 2 absenderemail, or 3 absendernachricht parameter to the content page; 4...