316 matches found
CVE-2025-26585 WordPress DL Leadback Plugin <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DyadyaLesha DL Leadback dl-leadback allows Reflected XSS. This issue affects DL Leadback: from n/a through <= 1.2.1...
SUSE CVE-2024-38519
yt-dlp and youtube-dl are command-line audio/video downloaders. Prior to the fixed versions, yt-dlp and youtube-dl do not limit the extensions of downloaded files, which could lead to arbitrary filenames being created in the download folder and path traversal on Windows. Since yt-dlp and youtube-...
CVE-2024-57238
Prolink 4G LTE Mobile Wi-Fi DL-7203E V4.0.0B05 is vulnerable to SQL Injection in the /reqproc/procget endpoint. The vulnerability allows an attacker to manipulate SQL queries by injecting malicious SQL code into the orderby parameter...
Prolink DL-7203E security vulnerability
The Prolink DL-7203E is a wireless router from Prolink USA. A security vulnerability exists in the Prolink DL-7203E version V4.0.0B05, which stems from a susceptibility to SQL injection attacks and allows an attacker to manipulate SQL queries by injecting malicious SQL code into the orderby...
RICOH DL Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2012-5002)
Stack-based buffer overflow in SR10 FTP server SR10.exe 1.1.0.6 in Ricoh DC Software DL-10 4.5.0.1, when the Log file name option is enabled, allows remote attackers to execute arbitrary code via a long USER FTP command. This plugin only works with Tenable.ot. Please visit...
MAL-2024-11129 Malicious code in all-dl-404 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7c81b14656d59125b0a646d87c4351c27ca359a39cbc729ea08ba8ebc5a7e314 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in all-dl-404 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7c81b14656d59125b0a646d87c4351c27ca359a39cbc729ea08ba8ebc5a7e314 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in dl-testes (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d95a4eec24de9c1fcd629f451e4b7a7d855ef958422cf70011bef25928bb7ab1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10924 Malicious code in dl-testes (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d95a4eec24de9c1fcd629f451e4b7a7d855ef958422cf70011bef25928bb7ab1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
A vulnerability in the enqueue_task_dl() function in the Linux operating system allows an attacker to cause a denial of service.
The vulnerability in the enqueue_task_dl() function in the kernel/sched/deadline.c module of the Linux operating system is related to a memory leak. Exploiting this vulnerability could allow an attacker to cause a denial of service...
yt-dlp: Multiple Vulnerabilities
Background: yt-dlp is a youtube-dl fork with additional features and fixes. Description: Multiple vulnerabilities have been found in yt-dlp. Please review the referenced CVE identifiers for details. Impact: Please review the referenced CVE identifiers for details. Workaround: There is no known...
com.github.nbbrd.sdmx-dl:sdmx-dl-grpc (=3.0.0-beta.12), com.github.rebue.wheel:wheel-vertx (>=2.2.9 <=2.2.12) +173 more potentially affected by CVE-2024-8391 via io.vertx:vertx-grpc-server (>=4.3.0 <=4.5.1)
io.vertx:vertx-grpc-server MAVEN version =4.3.0, =2.2.9, =0.30.0, =0.21.0, =2.8.0, =0.2.0, =0.0.7, =0.0.7, =0.0.7, =2.7.0, =2.7.0, =2.7.0, =1.0.4, =1.0.4, =1.3.0, =2.7.0 and more. Source cves: CVE-2024-8391. Source advisory: OSV:GHSA-G76F-GJFX-4RPR https://vulners.com/osv/OSV:GHSA-G...
PT-2024-30251 · Zzcms · Zzcms
Name of the Vulnerable Software and Affected Versions: ZZCMS version 2023. Description: A reflected cross-site scripting (XSS) issue in the dl liuyan save.php component allows attackers to execute arbitrary code in the context of a user's browser by injecting a crafted payload. This enables the...
WordPress DL Robots.txt Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS)
Software: DL Robots.txt. Type: Plugin. Vulnerable versions: <= 1.2. Fixed in: N/A. OWASP Top 10: A7: Cross-Site Scripting (XSS). Classification: Cross Site Scripting (XSS). CVE: CVE-2024-6797. Patch priority: Low. CVSS severity: Low (5.9). PSID: 4c6959146180. Credits: Bob Matyas. Required privilege...
SUSE CVE-2024-41023
In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix task_struct reference leak. During the execution of the following stress test with linux-rt: stress-ng --cyclic 30 --timeout 30 --minimize --quiet, kmemleak frequently reported a memory leak concerning the...
CVE-2024-23350
Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network...
CVE-2024-23350 Reachable Assertion in Multi Mode Call Processor
Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network...
CVE-2024-23350
CVE-2024-23350 relates to a permanent Denial of Service in Qualcomm Snapdragon software, triggered when the DL NAS transport processes multiple payloads: one payload with a SOR container failing its integrity check and another LPP where the UE must send a status message. Root cause cited as an un...