328 matches found
Fedora 41 : crosswords-puzzle-sets-xword-dl (2025-90f88da466)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-90f88da466 advisory. Update to 0.4.8; Fixes: RHBZ2237964, RHBZ2282129 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
[SECURITY] Fedora 42 Update: crosswords-puzzle-sets-xword-dl-0.4.8-1.fc42
Download crossword puzzles for GNOME Crosswords from assorted newspapers using xword-dl...
CVE-2024-52923
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of a boundary check during the decoding of DL NAS...
CVE-2025-26585
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DyadyaLesha DL Leadback dl-leadback allows Reflected XSS.This issue affects DL Leadback: from n/a through = 1.2.1...
Linux Distros Unpatched Vulnerability : CVE-2024-38519
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yt-dlp and youtube-dl are command-line audio/video downloaders. Prior to the fixed versions, yt-dlp and youtube-dl do not limit the extensions of downloaded...
CVE-2025-26585
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DyadyaLesha DL Leadback dl-leadback allows Reflected XSS.This issue affects DL Leadback: from n/a through = 1.2.1...
CVE-2025-26585
CVE-2025-26585 — WordPress plugin DL Leadback is affected by a Reflected Cross-Site Scripting (XSS) vulnerability in versions up to 1.2.1 due to improper input neutralization during web page generation. Public sources (NVD/Red Hat/CVE listings) describe the flaw as DL Leadback: notcapped escalati...
CVE-2025-26585 WordPress DL Leadback Plugin <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound DL Leadback allows Reflected XSS. This issue affects DL Leadback: from n/a through 1.2.1...
CVE-2025-26585 WordPress DL Leadback Plugin <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DyadyaLesha DL Leadback dl-leadback allows Reflected XSS.This issue affects DL Leadback: from n/a through = 1.2.1...
SUSE CVE-2024-38519
yt-dlp and youtube-dl are command-line audio/video downloaders. Prior to the fixed versions, yt-dlp and youtube-dl do not limit the extensions of downloaded files, which could lead to arbitrary filenames being created in the download folder and path traversal on Windows. Since yt-dlp and youtube-...
CVE-2024-57238
Prolink 4G LTE Mobile Wi-Fi DL-7203E V4.0.0B05 is vulnerable to SQL Injection in in the /reqproc/procget endpoint. The vulnerability allows an attacker to manipulate SQL queries by injecting malicious SQL code into the orderby parameter...
Prolink DL-7203E 安全漏洞
The Prolink DL-7203E is a wireless router from Prolink USA. A security vulnerability exists in the Prolink DL-7203E version V4.0.0B05, which stems from a susceptibility to SQL injection attacks and allows an attacker to manipulate SQL queries by injecting malicious SQL code into the orderby...
CVE-2024-57238
Prolink 4G LTE Mobile Wi-Fi DL-7203E V4.0.0B05 is vulnerable to SQL Injection in in the /reqproc/procget endpoint. The vulnerability allows an attacker to manipulate SQL queries by injecting malicious SQL code into the orderby parameter...
RICOH DL Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2012-5002)
Stack-based buffer overflow in SR10 FTP server SR10.exe 1.1.0.6 in Ricoh DC Software DL-10 4.5.0.1, when the Log file name option is enabled, allows remote attackers to execute arbitrary code via a long USER FTP command. This plugin only works with Tenable.ot. Please visit...
Malicious code in all-dl-404 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7c81b14656d59125b0a646d87c4351c27ca359a39cbc729ea08ba8ebc5a7e314 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11129 Malicious code in all-dl-404 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7c81b14656d59125b0a646d87c4351c27ca359a39cbc729ea08ba8ebc5a7e314 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in dl-testes (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d95a4eec24de9c1fcd629f451e4b7a7d855ef958422cf70011bef25928bb7ab1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10924 Malicious code in dl-testes (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d95a4eec24de9c1fcd629f451e4b7a7d855ef958422cf70011bef25928bb7ab1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
The vulnerability of the enqueue_task_dl() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the enqueuetaskdl function in the kernel/sched/deadline.c module of the Linux operating system is related to a memory leak. Exploiting this vulnerability could allow an attacker to cause a service failure...
yt-dlp: Multiple Vulnerabilities
Background yt-dlp is a youtube-dl fork with additional features and fixes. Description Multiple vulnerabilities have been found in yt-dlp. Please review the referenced CVE identifiers for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...