9 matches found
EUVD-2025-32328
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user. The problem exists in all versions o...
CVE-2022-49406
In the Linux kernel, the following vulnerability has been resolved: block: Fix potential deadlock in blkiarangesysfsshow When being read, a sysfs attribute is already protected against removal with the kobject node active reference counter. As a result, in blkiarangesysfsshow, there is no need to...
PT-2025-2814
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.74 Description: A vulnerability has been resolved in the Linux kernel, specifically in the btrfs module. The issue is related to a possible recursive locking detected when running fstests btrfs/011 with MKFS...
PT-2024-29400 · Hicolor · Hicolor
Name of the Vulnerable Software and Affected Versions: hicolor version 0.5.0 Description: A heap buffer overflow in the cp block function, located in /vendor/cute png.h, allows attackers to cause a Denial of Service DoS via a crafted PNG file. Recommendations: For hicolor version 0.5.0, consider...
D-Link Di-7200G Buffer Error Vulnerability
The D-Link Di-7200G is a Gigabit enterprise router from China's AUO D-Link. A security vulnerability exists in the D-Link Di-7200G, which can be caused by manipulating the popupId parameter in the H5/hiblock.asp function to cause a stack overflow...
PT-2023-22249 · Bzip3 · Bzip3
Name of the Vulnerable Software and Affected Versions: bzip3 versions prior to 1.2.3 Description: An issue was discovered in libbzip3.a. There is an out-of-bounds write in the bz3 decode block function. Recommendations: For versions prior to 1.2.3, update to version 1.2.3 or later to resolve the...
Navigate CMS sql injection vulnerability (CNVD-2021-57423)
Navigate CMS is a powerful and intuitive content management system. A sql injection vulnerability exists in the block-order parameter of the block function in Navigate CMS 2.9.4 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary sql queries in the backend databa...
NavigateCMS SQL注入漏洞
Navigate CMS is a powerful and intuitive content management system. A sql injection vulnerability exists in the block-order parameter of the block function in Navigate CMS 2.9.4 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary sql queries in the backend databa...
DEBIAN-CVE-2016-5036
The dumpblock function in printsections.c in libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds read via crafted frame data...