13 matches found
PT-2026-36803
Name of the Vulnerable Software and Affected Versions: Assimp versions prior to 6.0.3 Description: A buffer overflow exists in the FBX Importer. The issue occurs within the aiMaterial::AddBinaryProperty function, where a property key string from a specially crafted FBX file is copied into a...
CVE-2025-66511 Nextcloud Calendar app used predictable proposal participant tokens
Nextcloud Calendar is a calendar app for Nextcloud. Prior to 6.0.3, the Calendar app generates participant tokens for meeting proposals using a hash function, allowing an attacker to compute valid participant tokens, which allowed them to request details and submit dates in meeting proposals. The...
UBUNTU-CVE-2022-43504
Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature. The developer also provides new patched releases for all versions since 3.7...
WordPress Cross-Site Scripting Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress versions prior to 6.0.3. An attacker exploiting this...
PT-2022-35016 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to the Bluetooth L2CAP protocol in the Linux Kernel. It involves the initialization of delayed works at l2cap_chan_create. The actual impact and attack plausibility have...
PT-2022-35109 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to the wifi ath11k driver in the Linux Kernel. It is noted that the problem occurs when disconnected, specifically with an issue finding a peer with peer_id 0. The actual...
PT-2022-35035 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 6.0.3 Description: The issue is related to the __compiletime_strlen function under UBSAN_BOUNDS_LOCAL. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...
PT-2022-35050 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to a null pointer reference in the arch_prepare_kprobe function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...
PT-2022-35015 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to the Bluetooth hci_sysfs component in the Linux Kernel. It involves attempting to call device_add multiple times. The actual impact and attack plausibility have not yet...
PT-2022-35111 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to a use after free in the mt7921_acpi_read function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior...
PT-2022-34981 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to the blk-throttle component, where an overflow can occur while calculating wait time. The actual impact and attack plausibility have not yet been proven. Recommendation...
DEBIAN-CVE-2020-14147
An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large...
Red Hat redhat-access-plugin for OpenStack Dashboard Arbitrary File Read Vulnerability
Red Hat redhat-access-plugin for OpenStack Dashboard horizon is a technology preview plugin from Red Hat, Inc. that provides seamless, integrated access to Red Hat's subscription services from the Red Hat OpenStack Management Portal. A security vulnerability exists in the 'log-viewing' function i...