87 matches found
PT-2025-24228 · Unknown · Crawlomatic Multipage Scraper Post Generator
Name of the Vulnerable Software and Affected Versions: Crawlomatic Multisite Scraper Post Generator versions 2.6.8.2 and earlier Description: The issue allows for the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. Recommendations: For versions...
RHEL 10 : golang (RHSA-2025:8477)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:8477 advisory. The golang packages provide the Go programming language compiler. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked...
CVE-2024-24560
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. When calls to external contracts are made, we write the input buffer starting at byte 28, and allocate the return buffer to start at byte 0 overlapping with the input buffer. When checking RETURNDATASIZE for dynamic...
CVE-2024-4477
The WP Logs Book WordPress plugin through 1.0.1 does not sanitise and escape some of its log data before outputting them back in an admin dashboard, leading to an Unauthenticated Stored Cross-Site Scripting...
CVE-2013-3675
The processframeobj function in sanm.c in libavcodec in FFmpeg before 1.2.1 does not validate width and height values, which allows remote attackers to cause a denial of service integer overflow, out-of-bounds array access, and application crash via crafted LucasArts Smush video data...
CVE-2025-21922
In the Linux kernel, the following vulnerability has been resolved: ppp: Fix KMSAN uninit-value warning with bpf Syzbot caught an "KMSAN: uninit-value" warning 1, which is caused by the ppp driver not initializing a 2-byte header when using socket filter. The following code can generate a PPP...
CVE-2025-21867
In the Linux kernel, the following vulnerability has been resolved: bpf, testrun: Fix use-after-free issue in ethskbpkttype KMSAN reported a use-after-free issue in ethskbpkttype1. The cause of the issue was that ethskbpkttype accessed skb's data that didn't contain an Ethernet header. This occur...
CVE-2024-8613 Improper Access Control in gaizhenbiao/chuanhuchatgpt
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240802 allows attackers to access, copy, and delete other users' chat histories. This issue arises due to improper handling of session data and lack of access control mechanisms, enabling attackers to view and manipulate chat histories of...
CVE-2025-30258
In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS."...
SimpleHelp Detected
This is an informational notice that the scanner was able to detect a SimpleHelp instance on the target server. Note that this detection is included in the Remote Access Tools category. No source data...
CVE-2025-21822
In the Linux kernel, the following vulnerability has been resolved: ptp: vmclock: Set driver data before its usage If vmclockptpregister fails during probing, vmclockremove is called to clean up the ptp clock and misc device. It uses devgetdrvdata to access the vmclock state. However the driver...
CVE-2022-49347
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bugon in ext4writepages we got issue as follows: EXT4-fs error device loop0: ext4mbgeneratebuddy:1141: group 0, block bitmap and bg descriptor inconsistent: 25 vs 31513 free cls ------------ cut here ------------ kernel...
CVE-2022-49296
In the Linux kernel, the following vulnerability has been resolved: ceph: fix possible deadlock when holding Fwb to get inlinedata 1, mount with wsync. 2, create a file with ORDWR, and the request was sent to mds.0: cephatomicopen-- cephmdscdorequestopenc finishopenfile, dentry, cephopen--...
CVE-2022-49347 ext4: fix bug_on in ext4_writepages
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bugon in ext4writepages we got issue as follows: EXT4-fs error device loop0: ext4mbgeneratebuddy:1141: group 0, block bitmap and bg descriptor inconsistent: 25 vs 31513 free cls ------------ cut here ------------ kernel...
Azure Linux 3.0 Security Update: cmake / curl / mysql (CVE-2023-46219)
The version of cmake / curl / mysql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-46219 advisory. - When saving HSTS data to an excessively long file name, curl could end up removing all content...
CVE-2024-30230
Deserialization of Untrusted Data vulnerability in Acowebs PDF Invoices and Packing Slips For WooCommerce.This issue affects PDF Invoices and Packing Slips For WooCommerce: from n/a through 1.3.7...
MediaTek Chipsets 安全漏洞
MediaTek Chipsets are a variety of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from an uninitialized data issue contained in the DA module that could result in reading uninitialized heap data...
Vulnerability of components of Linux operating system’s kernel, net/smc, allowing a hacker to cause a service failure
The vulnerability of the net/smc components in Linux operating systems is related to the operation of data out of the buffer into memory. Exploiting this vulnerability can allow an attacker to cause a system failure...
Medium: tpm2-tools
Issue Overview: tpm2-tools: arbitrary quote data may go undetected by tpm2checkquote CVE-2024-29038 tpm2-tools: pcr selection value is not compared with the attest CVE-2024-29039 Affected Packages: tpm2-tools Issue Correction: Run dnf update tpm2-tools --releasever 2023.5.20240805 or dnf update...
CVE-2024-39817
Insertion of sensitive information into sent data issue exists in Cybozu Office 10.0.0 to 10.8.6, which may allow a user who can login to the product to view data that the user does not have access by conducting 'search' under certain conditions in Custom App...