14 matches found
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: dm raid: fixed the address sanitizer warning in raidstatus. This warning occurs when using a kernel with address sanitizer and running this testsuite: https://gitlab.com/cki-project/kernel-tests/-/tree/main/storage/swraid/scsirai...
EUVD-2026-4562
The CM CSS Columns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag' shortcode attribute in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
PT-2026-1962
Name of the Vulnerable Software and Affected Versions Devolutions PowerShell Universal versions prior to 4.5.6 Devolutions PowerShell Universal versions prior to 5.6.13 Description A cross-site scripting issue exists in Devolutions PowerShell Universal. This allows for potential malicious code...
DEBIAN-CVE-2022-50084
In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raidstatus There is this warning when using a kernel with the address sanitizer and running this testsuite: https://gitlab.com/cki-project/kernel-tests/-/tree/main/storage/swraid/scsiraid...
CVE-2025-24010 Vite allows any websites to send any requests to the development server and read the response
Vite is a frontend tooling framework for javascript. Vite allowed any websites to send any requests to the development server and read the response due to default CORS settings and lack of validation on the Origin header for WebSocket connections. This vulnerability is fixed in 6.0.9, 5.4.12, and...
AZL-54692 CVE-2024-56738 affecting package grub2 2.06-16
GNU GRUB aka GRUB2 through 2.12 does not use a constant-time algorithm for grubcryptomemcmp and thus allows side-channel attacks...
IrfanView Security Vulnerability
IrfanView is an image viewer by the individual developer Irfan Skiljan in Bosnia and Herzegovina, which supports image browsing, image editing, image format conversion and more. A security vulnerability exists in IrfanView PlugIns B3D prior to version 4.56, which stems from a heap-based...
PT-2022-28080 · Unknown · Dolibarr Project Timesheet
Name of the Vulnerable Software and Affected Versions: dolibarr project timesheet versions up to 4.5.5 Description: A vulnerability was found in the Form Handler component, leading to cross-site request forgery. The attack can be initiated remotely. Recommendations: For versions up to 4.5.5,...
CVE-2022-36224
XunRuiCMS V4.5.6 is vulnerable to Cross Site Request Forgery CSRF...
XunRuiCMS 跨站请求伪造漏洞
XunRuiCloud Software Development XunRuiCMS XunRuiCMS is an open source content management system CMS from China's XunRuiCloud Software Development Company. A security vulnerability exists in XunRuiCMS version V4.5.6, which originates from the presence of cross-site request forgery CSRF...
Katy Voor HHVM 缓冲区错误漏洞
Katy Voor HHVM is an open source application by Katy Voor. Provides an open source virtual machine designed to execute programs written in Hack. A security vulnerability exists in HHVM that stems from a write out-of-bounds if a buffer is full. The following products and versions are affected: HHV...
CVE-2017-11273
An issue was discovered in Adobe Digital Editions 4.5.6 and earlier versions. Adobe Digital Editions parses crafted XML files in an unsafe manner, which could lead to sensitive information disclosure...
Adobe Digital Editions Out-of-Bounds Memory Read Vulnerability (CNVD-2017-37096)
Adobe Digital Editions software offers an engaging way to help you view and manage eBooks and other digital publications. An out-of-bounds memory read vulnerability exists in Adobe Digital Editions versions 4.5.6 and earlier. An attacker could exploit this vulnerability to view memory address...
DEBIAN-CVE-2017-9461
smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability fdopenatomic infinite loop with high CPU usage and memory consumption due to wrongly handling dangling symlinks...