CVE-2025-59706

In N2W before 4.3.2 and 4.4.0 before 4.4.1, improper validation of API request parameters enables remote code execution...

CVE-2025-59707

Affected software: N2W. Vulnerable versions: before 4.3.2 and 4.4.x before 4.4.1. Root cause: a spoofing vulnerability that can lead to remote code execution and theft of account credentials. Impact: potential RCE and credential exposure as described in multiple sources (Red Hat and ENISA entries...

CVE-2025-59706

In N2W before 4.3.2 and 4.4.0 before 4.4.1, improper validation of API request parameters enables remote code execution...

CVE-2023-32618

Uncontrolled search path in some IntelR oneAPI Toolkit and component software installers before version 4.3.2 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2023-2414

The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcitasavesettingscallback function in versions up to, and including, 4.4.6. This makes it possible for authenticated...

OpenZeppelin 安全漏洞

OpenZeppelin is a software application. A standard for secure blockchain applications. A security vulnerability exists in versions of OpenZeppelin Contracts prior to 4.3.2, which can be exploited by an attacker to conduct an uninitialized contract attack...

DEBIAN-CVE-2018-4272

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6...

CVE-2018-4269

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6...

Sophos Web Appliance Cross-Site Scripting Vulnerability

Sophos Web Appliance SWA is a suite of Web security gateway products from Sophos UK. The product supports real-time web threat protection, customized web filtering and dynamic control of applications. A cross-site scripting vulnerability exists in the FTP redirection page in SWA versions prior to...

CVE-2017-9523

The Sophos Web Appliance before 4.3.2 has XSS in the FTP redirect page, aka NSWA-1342...

PT-2019-4673 · Puma +9 · Puma +10

Name of the Vulnerable Software and Affected Versions: Ruby versions prior to 2.4.8 Ruby versions 2.5.x through 2.5.6 Ruby versions 2.6.x through 2.6.4 Puma versions prior to 3.12.3 Puma versions prior to 4.3.2 Description: The issue is related to incorrect handling of special elements in the...