9 matches found
EUVD-2026-40126
Honeywell IQ MultiAccess, all versions prior to and including version 28, contain an improper digital signature verification vulnerability. An attacker could potentially exploit this vulnerability, leading to the replacement of downloaded file with a malicious one. Honeywell also recommends...
Security Bulletin: Firewalld Reload Breaks Docker Bridge Network Isolation in Moby (Pre-28.0.0), affects watsonx.data
Summary Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails to...
Tiki wiki cms 操作系统命令注入漏洞
Tiki wiki cms is a website CMS. An operating system command injection vulnerability exists in versions of Tiki Wiki CMS prior to version 28, which stems from an improper neutralization of special elements used in operating system commands, resulting in an operating system command injection...
PT-2024-6544 · Intel · Intel Ethernet Network Controllers/Adapters E810 Series
Name of the Vulnerable Software and Affected Versions: Linux kernel mode driver for IntelR Ethernet Network Controllers and Adapters E810 Series versions prior to 28.3 Description: The issue is related to an improper conditions check in the Linux kernel mode driver, which may allow an authenticat...
PT-2024-1285 · Nextcloud +2 · Nextcloud Server +2
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 28.0.0 Description: The issue concerns the expiration of OAuth codes in Nextcloud Server, a self-hosted personal cloud system. In affected versions, OAuth codes did not expire, allowing an attacker who gains...
SUSE CVE-2014-1497
The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service out-of-bounds read and...
SUSE CVE-2014-1502
The 1 WebGL.compressedTexImage2D and 2 WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors...
CVE-2022-29286
Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption and termination because of registrar resource mishandling...
Pexip Infinity 资源管理错误漏洞
Pexip Infinity is a cloud collaboration platform for video conferencing from Pexip Norway. The product provides high quality and secure cloud conferencing capabilities. A security vulnerability exists in Pexip Infinity versions prior to 28.1. An attacker exploiting this vulnerability could trigge...