6 matches found
CVE-2026-4751
CVE-2026-4751 : Affected software is tmate before version 2.4.0. The vulnerability is a NULL pointer dereference in the tmate-io tmate component. The available documents do not provide explicit impact, exploit details, or remediation steps. If present, further specifics (impact scope, CVSS) would...
CVE-2026-28512 Pocket ID: OAuth redirect_uri validation bypass via userinfo/host confusion
Pocket ID is an OIDC provider that allows users to authenticate with their passkeys to your services. From 2.0.0 to before 2.4.0, a flaw in callback URL validation allowed crafted redirecturi values containing URL userinfo @ to bypass legitimate callback pattern checks. If an attacker can trick a...
UBUNTU-CVE-2025-58121
Insufficient permission validation on multiple REST API endpoints in Checkmk 2.2.0, 2.3.0, and 2.4.0 before version 2.4.0p16 allows low-privileged users to perform unauthorized actions or obtain sensitive information...
CVE-2024-33577
A vulnerability has been identified in Simcenter Femap All versions V2406. The affected applications contain a stack overflow vulnerability while parsing specially strings as argument for one of the application binaries. This could allow an attacker to execute code in the context of the current...
CVE-2021-4143
Cross-site Scripting XSS - Generic in GitHub repository bigbluebutton/bigbluebutton prior to 2.4.0...
PT-2010-1110 · Freetype +2 · Freetype +2
Name of the Vulnerable Software and Affected Versions: FreeType versions prior to 2.4.0 FreeType versions prior to 2.4.8 Description: The issue is related to an integer overflow in the gray render span function in smooth/ftgrays.c, which allows remote attackers to cause a denial of service or...