16 matches found
EUVD-2026-39682
Unauthenticated Broken Access Control in Newsletters <= 4.13 versions...
CVE-2026-54840 WordPress Newsletters plugin <= 4.13 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Newsletters <= 4.13 versions...
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Overview: Affected versions of this package are vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) seeded with predictable values in the secretkey and hashidsalt. An attacker can gain unauthorized access to any user account, including administrators, by brute-forcing t...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001604)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001604 advisory. The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003380)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003380 advisory. The uas driver in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003409)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003409 advisory. drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possib...
CVE-2025-67716 Auth0 Next.js SDK has Improper Validation of Query Parameters
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions 4.9.0 through 4.12.1 contain an input-validation flaw in the returnTo parameter, which could allow attackers to inject unintended OAuth query parameters into the Auth0 authorization request...
CVE-2025-30201
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to version 4.13.0, a vulnerability in Wazuh Agent allows authenticated attackers to force NTLM authentication through malicious UNC paths in various agent configuration settings, potentially leadin...
CVE-2023-34600
Adiscon LogAnalyzer v4.1.13 and before is vulnerable to SQL Injection...
CVE-2021-27189
The CIRA Canadian Shield app before 4.0.13 for iOS lacks SSL Certificate Validation...
OPENSUSE-SU-2020:1369-1 Security update for squid
This update for squid fixes the following issues: squid was updated to version 4.13: - CVE-2020-24606: Fix livelocking in peerDigestHandleReply (bsc#1175671). - CVE-2020-15811: Improve Transfer-Encoding handling (bsc#1175665). - CVE-2020-15810: Enforce token characters for field-name (bsc#1175664). This...
Xen Denial of Service Vulnerability (CNVD-2020-25872)
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in Xen 4.13....
Linux kernel denial of service vulnerability (CNVD-2018-07978)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'kill_something_info' function in the kernel/signal.c file in Linux kernel versions prior to 4.13. A local attacker can exploit th...
Linux kernel denial of service vulnerability (CNVD-2018-04867)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the drivers/net/ethernet/hisilicon/hns/hns_enet.c file in Linux kernel versions prior to 4.13. A local attacker could exploit this...
ALPINE-CVE-2018-6003
An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS...
Linux kernel local denial of service vulnerability (CNVD-2017-33097)
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local denial of service vulnerability exists in the 'usb_get_bos_descriptor' function in the drivers/usb/core/config.c file in versions of Linux kernel prior to 4.13.10. A loca...