1612 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-2579
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.6.46 and prior, 5.7.28 and...
GHSA-F3GH-529W-V32X IDOR Vulnerabilities in ZITADEL's Admin API that Primarily Impact LDAP Configurations
Summary ZITADEL's Admin API contains Insecure Direct Object Reference IDOR vulnerabilities that allow authenticated users, without specific IAM roles, to modify sensitive settings. While several endpoints are affected, the most critical vulnerability lies in the ability to manipulate LDAP...
MAL-2025-1619 Malicious code in paypal-checkout-integration-backend-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8978fb3635d1339256e1aa90eab3f76ba33bad36f9a2ffd70d1f6fc7d60ccca8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
SUSE CVE-2022-49138
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Ignore multiple conn complete events When one of the three connection complete events is received multiple times for the same handle, the device is registered multiple times which leads to memory corruptions...
SUSE CVE-2022-49139
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix null ptr deref on hcisyncconncompleteevt This event is just specified for SCO and eSCO link types. On the reception of a HCISynchronousConnectionComplete for a BDADDR of an existing LE connection, LE link type and ...
DEBIAN-CVE-2022-49139
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix null ptr deref on hcisyncconncompleteevt This event is just specified for SCO and eSCO link types. On the reception of a HCISynchronousConnectionComplete for a BDADDR of an existing LE connection, LE link type and ...
AZL-67673 CVE-2022-49138 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Ignore multiple conn complete events When one of the three connection complete events is received multiple times for the same handle, the device is registered multiple times which leads to memory corruptions...
UBUNTU-CVE-2022-49139
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix null ptr deref on hcisyncconncompleteevt This event is just specified for SCO and eSCO link types. On the reception of a HCISynchronousConnectionComplete for a BDADDR of an existing LE connection, LE link type and ...
CVE-2024-33807
A SQL injection vulnerability in /model/getteachertimetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter...
CVE-2024-33804
A SQL injection vulnerability in /model/getsubject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...
CVE-2024-33402
A SQL injection vulnerability in /model/approvepettycash.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter...
MAL-2025-1360 Malicious code in dzengi (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8119e05e44d286deeecdba85e6cf45a95749db4907cb770fa9828949f1fc347c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: spi: fixed null pointer dereference within spisync. If spisync is called with a non-empty queue and the same spimessage is reused, the complete callback for the message remains set while the context is cleared. This leads to a nu...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: usb: musb: Fixed hardware lockup upon the first Rx endpoint request There is a possibility that the callback of a request could be invoked from usbepqueue as shown in the call trace below, with missing calls included: c...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Handle protected guests properly in completehypercallexit Use is64bithypercall instead of is64bitmode to detect a 64-bit hypercall when completing said hypercall. For guests with protected state, e.g., SEV-ES and SEV-SN...
Intel Ethernet Adapter Complete Driver Pack Software Advisory - Lenovo Support US
No description provided...
The vulnerability of the target_completecmd function in the target_core_transport.c component of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the targetcompletecmd function in the targetcoretransport.c component of the Linux operating system is related to pointer dereferencing errors. Exploiting this vulnerability could allow an attacker to cause a service failure...
PT-2025-2132 · WordPress · Ai Power: Complete Ai Pack
Name of the Vulnerable Software and Affected Versions: AI Power: Complete AI Pack plugin for WordPress versions up to, and including, 1.8.96 Description: The issue allows authenticated attackers with subscriber-level access and above to make web requests to arbitrary locations originating from th...
WordPress AI Power: Complete AI Pack plugin <= 1.8.96 - Authenticated (Subscriber+) Server-Side Request Forgery vulnerability
Authenticated Subscriber+ Server-Side Request Forgery vulnerability discovered by shaman0x01 in WordPress Plugin GPT3 AI Content Writer versions = 1.8.96...
WordPress AI Power: Complete AI Pack plugin <= 1.8.96 - Authenticated (Admin+) PHP Object Injection vulnerability
Authenticated Admin+ PHP Object Injection vulnerability discovered by Tran Anh Duc in WordPress Plugin GPT3 AI Content Writer versions = 1.8.96...