13 matches found
AlmaLinux 10 : kernel (ALSA-2026:19569)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:19569 advisory. kernel: net: afcan: do not leave a dangling sk pointer in cancreate CVE-2024-56603 kernel: net/sched: Make cakeenqueue return NETXMITCN when past...
MAL-2026-980 Malicious code in the-storyverse (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2885a4f6fa566cedcd5c365fe4435186a31ed8913af26f8a06bbee3d760e66cb The package the-storyverse was found to contain malicious code. Source: ossf-package-analysis...
SUSE-SU-2025:03467-1 Security update for rubygem-puma
This update for rubygem-puma fixes the following issues: Update to version 5.6.9. - CVE-2024-45614: improper header normalization allows for clients to clobber proxy set headers, which can lead to information leaks bsc1230848, fixed in an earlier update. - CVE-2024-21647: unbounded resource...
SUSE-SU-2025:03466-1 Security update for rubygem-puma
This update for rubygem-puma fixes the following issues: Update to version 5.6.9. - CVE-2024-45614: improper header normalization allows for clients to clobber proxy set headers, which can lead to information leaks bsc1230848, fixed in an earlier update. - CVE-2024-21647: unbounded resource...
CVE-2025-52373
Use of hardcoded cryptographic key in BlowFish.cpp in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords used in database connections from hMailServer.ini config file...
CVE-2025-3569
Affected software: JamesZBL/code-projects db-hospital-drug 1.0. The vulnerability resides in ShiroConfig.java and involves improper authorization. Exploitation is described as possible remotely; the exploit has been publicly disclosed. Documented impact is limited to authorization control, with n...
PT-2023-30889 · Unknown · Xintian Smart Table Integrated Management System
Name of the Vulnerable Software and Affected Versions: Xintian Smart Table Integrated Management System version 5.6.9 Description: A critical issue was found in the Xintian Smart Table Integrated Management System. It affects an unknown function of the file /SysManage/AddUpdateSites.aspx,...
CVE-2023-4712
A vulnerability, which was classified as critical, was found in Xintian Smart Table Integrated Management System 5.6.9. This affects an unknown part of the file /SysManage/AddUpdateRole.aspx. The manipulation of the argument txtRoleName leads to sql injection. The exploit has been disclosed to th...
PT-2023-30323 · Unknown · Xintian Smart Table Integrated Management System
Name of the Vulnerable Software and Affected Versions: Xintian Smart Table Integrated Management System version 5.6.9 Description: A critical issue was found in the Xintian Smart Table Integrated Management System. This issue affects an unknown part of the file /SysManage/AddUpdateRole.aspx. The...
CVE-2022-3769
The OWM Weather WordPress plugin before 5.6.9 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as contributor...
EspoCRM Cross-Site Scripting Vulnerability (CNVD-2019-30788)
EspoCRM is an open source web-based customer relationship management CRM system. The system provides features such as sales automation, community and customer support. A cross-site scripting vulnerability exists in EspoCRM versions prior to 5.6.9, which can be exploited by an attacker to execute...
EspoCRM Cross-Site Scripting Vulnerability (CNVD-2019-30786)
EspoCRM is an open source web-based customer relationship management CRM system. The system provides features such as sales automation, community and customer support. A cross-site scripting vulnerability exists in EspoCRM versions prior to 5.6.9, which can be exploited by an attacker to execute...
2021-07 .NET 5.0.8 Update for ARM64 Client (KB5004698)
2021-07 .NET 5.0.8 Update for ARM64 Client KB5004698...