Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988857)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988857 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix connection leak There's a potential leak issue under following execution sequence :...

EUVD-2022-48099

Malicious code in bioql PyPI...

CVE-2023-32124

Cross-Site Request Forgery CSRF vulnerability in Arul Prasad J Publish Confirm Message plugin = 1.3.1 versions...

DEBIAN-CVE-2022-48909

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix connection leak There's a potential leak issue under following execution sequence : smcrelease smcconnectwork if sk-skstate == SMCINIT sendclcconfirim tcpabort; ... sk.skstate = SMCACTIVE smccloseactive...

CVE-2023-32124

Cross-Site Request Forgery CSRF vulnerability in Arul Prasad J Publish Confirm Message plugin = 1.3.1 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Arul Prasad J Publish Confirm Message plugin = 1.3.1 versions...

CVE-2023-32124 WordPress Publish Confirm Message Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Arul Prasad J Publish Confirm Message plugin = 1.3.1 versions...

CVE-2023-32124

The CVE-2023-32124 entry describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Publish Confirm Message (author: Arul Prasad J) affecting versions

WordPress Plugin Publish Confirm Message Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

CVE-2022-45191

An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can cause a denial of service by sending a pair confirm message with wrong values...

CVE-2019-9496 An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps

An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate,...

vtisk.si XSS vulnerability

Open Bug Bounty ID: OBB-641462 Description| Value ---|--- Affected Website:| vtisk.si Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2015-5316

The eappwdperformconfirmexchange function in eappeer/eappwd.c in wpasupplicant 2.x before 2.6, when EAP-pwd is enabled in a network configuration profile, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an EAP-pwd Confirm message followed by the...

DEBIAN-CVE-2015-5316

The eappwdperformconfirmexchange function in eappeer/eappwd.c in wpasupplicant 2.x before 2.6, when EAP-pwd is enabled in a network configuration profile, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an EAP-pwd Confirm message followed by the...

CVE-2015-5316

The eappwdperformconfirmexchange function in eappeer/eappwd.c in wpasupplicant 2.x before 2.6, when EAP-pwd is enabled in a network configuration profile, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an EAP-pwd Confirm message followed by the...

CVE-2015-4143

The EAP-pwd server and peer implementation in hostapd and wpasupplicant 1.0 through 2.4 allows remote attackers to cause a denial of service out-of-bounds read and crash via a crafted 1 Commit or 2 Confirm message payload...

CVE-2015-4143

The EAP-pwd server and peer implementation in hostapd and wpasupplicant 1.0 through 2.4 allows remote attackers to cause a denial of service out-of-bounds read and crash via a crafted 1 Commit or 2 Confirm message payload...

wpa_supplicant/hostapd eap_server/eap_server_pwd.c eap_pwd_process_confirm_resp() function out-of-bounds read vulnerability

hostapd is a user-state daemon for APs and authentication servers. wpasupplicant is a WiFi-capable component for Android that supports authentication of wireless connections. hostapd eapserver/eapserverpwd.c eappwdprocessconfirmresp function An out-of-bounds read vulnerability exists in the confi...