9 matches found
Astra Linux – Vulnerability in Python 3.7
There is a flaw in Python 3’s pydoc documentation. A local or nearby attacker who discovers or can convince another local or nearby user to start a pydoc server could access the server and use it to disclose sensitive information belonging to that user that they would not normally be able to...
CVE-2026-27395 WordPress Support Board plugin < 3.8.9 - Privilege Escalation vulnerability
Unauthenticated Privilege Escalation in Support Board 3.8.9 versions...
ALPINE-CVE-2021-3426
There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to...
CVE-2021-3426
There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to...
PT-2019-7746 · Headway · Headway
Name of the Vulnerable Software and Affected Versions: Headway theme versions prior to 3.8.9 Description: The issue concerns a Cross-Site Scripting XSS flaw. This type of flaw occurs when an application includes user input in its output without proper validation or encoding, allowing an attacker ...
SQLite Denial of Service Vulnerability (CNVD-2015-02748)
SQLite is an open source C-based embedded relational database management system developed by American software developer D. Richard Hipp. The system is characterized by independence, isolation, cross-platform and so on. A security vulnerability exists in the 'sqlite3VXPrintf' function in the...
DEBIAN-CVE-2015-3415
The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service invalid free operation or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by...
UBUNTU-CVE-2013-2094
The perfsweventinit function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perfeventopen system call...
CVE-2011-1008
ScripsOverlay.pm in Best Practical Solutions RT before 3.8.9 does not properly restrict access to a TicketObj in a Scrip after a CurrentUser change, which allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by custom-field value information,...