73 matches found
PT-2024-16836
Name of the Vulnerable Software and Affected Versions: The Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin plugin for WordPress versions up to, and including, 3.3.50 Description: The issue is related to unauthorized access of data due to a missing capability check on the...
iparking SQL Injection Vulnerability
iparking is an open source parking fee management system from fhsopensource. iparking version 1.5.22.RELEASE contains a SQL injection vulnerability, which stems from the getData function...
CVE-2023-45387
In the module "Product Catalog CSV, Excel, XML Export PRO" exportproducts in versions up to 5.0.0 from MyPrestaModules for PrestaShop, a guest can perform SQL injection via exportProduct::addDataToDb...
CVE-2023-45574
Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and...
D-Link Di-7200G Buffer Error Vulnerability
The D-Link Di-7200G is a Gigabit enterprise router from China-based D-Link. A security vulnerability exists in the D-Link Di-7200G that originates from a stack overflow that can be caused by manipulating the id parameter in the yyxz.data function...
DEBIAN-CVE-2020-19724
A memory consumption issue in getdata function in binutils/nm.c in GNU nm before 2.34 allows attackers to cause a denial of service via crafted command...
GNU Binutils Security Vulnerability
GNU Binutils is a set of open source tools for working with binary files such as target files, executables, libraries, etc., mainly used in the areas of compilation, debugging, reverse engineering and so on. A denial of service vulnerability exists in GNU Binutils, which stems from a memory...
PT-2023-18313 · Unknown · Gps Hlos Driver
Name of the Vulnerable Software and Affected Versions: GPS HLOS Driver affected versions not specified Description: The issue is related to memory corruption in the GPS HLOS Driver. Specifically, when the injectFdclData function receives data with an invalid data length, it can cause memory...
CVE-2023-3249
The Web3 – Crypto wallet Login & NFT token gating plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.6.0. This is due to incorrect authentication checking in the 'hiddenformdata' function. This makes it possible for authenticated attackers to log in as...
SUSE CVE-2016-8619
The function readdata in security.c in curl before version 7.51.0 is vulnerable to memory double free...
The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.
...
PT-2021-7360 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.13.13 Description: The issue is related to a slab out-of-bounds write in the decode data function of the drivers/net/hamradio/6pack.c component in the Linux kernel. This can be exploited to gain access to...
PT-2021-15888 · WordPress · Simple 301 Redirects By Betterlinks
Name of the Vulnerable Software and Affected Versions: Simple 301 Redirects by BetterLinks WordPress plugin versions prior to 2.0.4 Description: The issue concerns the export data function of the Simple 301 Redirects by BetterLinks WordPress plugin, which had no capability or nonce checks. This...
PT-2021-15889 · Betterlinks · Simple 301 Redirects
Name of the Vulnerable Software and Affected Versions: Simple 301 Redirects by BetterLinks WordPress plugin versions prior to 2.0.4 Description: The issue concerns the import data function, which lacks capability and nonce checks. This allows unauthenticated users to import site redirects...
PT-2020-6940 · Gnu +2 · Gnu Nm +2
Name of the Vulnerable Software and Affected Versions: GNU nm versions prior to 2.34 Description: The issue is related to a memory consumption problem in the get data function in binutils/nm.c. This allows attackers to cause a denial of service via crafted commands. The vulnerability is associate...
PT-2022-11275 · Gpac +1 · Gpac +1
Name of the Vulnerable Software and Affected Versions: GPAC version 1.0.1 Description: The issue allows attackers to cause a denial of service via a crafted file in the MP4Box command, specifically through the gf bs write data function. Recommendations: For GPAC version 1.0.1, consider disabling...
Unspecified Vulnerability in Artifex MuPDF
Artifex MuPDF is a free, lightweight PDF reader from Artifex Software. A security vulnerability exists in the 'pdfgetxrefentry' function in the pdf/pdf-xref.c file in Artifex MuPDF version 1.13.0. A remote attacker can exploit this vulnerability with the help of a specially crafted pdf file to...
curl: Double-free in krb5 code
The function readdata in security.c in curl before version 7.51.0 is vulnerable to memory double free...
DEBIAN-CVE-2016-8619
The function readdata in security.c in curl before version 7.51.0 is vulnerable to memory double free...