22 matches found
rrdtool security update
An update is available for rrdtool. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The round robin database RRD system stores and displays time-series data, suc...
ALSA-2026:34155 Moderate: rrdtool security update
The round robin database RRD system stores and displays time-series data, such as network bandwidth, machine-room temperature, and server load average. RRDtool is a high performance data logging and graphing utility, which can be easily integrated with shell scripts, or used to create application...
SUSE CVE-2026-46258
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandlecreate In linehandlecreate, there is a statement like this: retainandnullptrlh; Soon after, there is a debug printout that dereferences "lh", which will crash things. Avoid the cras...
CVE-2026-46258 gpio: cdev: Avoid NULL dereference in linehandle_create()
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandlecreate In linehandlecreate, there is a statement like this: retainandnullptrlh; Soon after, there is a debug printout that dereferences "lh", which will crash things. Avoid the cras...
CVE-2026-3269
PSI Probe
CVE-2025-14364
The Demo Importer Plus plugin for WordPress is vulnerable to unauthorized modification of data, loss of data, and privilege escalation due to a missing capability check on the Ajax::handlerequest function in all versions up to, and including, 2.0.8. This makes it possible for authenticated...
CVE-2025-14364
CVE-2025-14364 affects the WordPress Demo Importer Plus plugin (versions
The vulnerability of the handle_request function in the ASUS GT-AC2900 router allows a hacker to gain unauthorized access to the administrator interface.
The vulnerability of the handlerequest function in ASUS GT-AC2900 routers is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker to gain unauthorized access to the administrator interface...
drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req()
...
CVE-2024-5941
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized access and deletion of data due to a missing capability check on the 'handlerequest' function in all versions up to, and including, 3.14.1. This makes it possible for authenticated attackers,...
WordPress plugin GiveWP 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress plugin GiveWP 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PT-2024-37255 · WordPress · Givewp
Name of the Vulnerable Software and Affected Versions: GiveWP – Donation Plugin and Fundraising Platform versions prior to 3.13.1 Description: The issue allows unauthorized modification of data due to a missing capability check on the handle request function. This makes it possible for...
CVE-2024-22086
handlerequest in http.c in cherry through 4b877df has an sscanf stack-based buffer overflow via a long URI, leading to remote code execution...
PT-2024-19197 · Cherry · Cherry
Name of the Vulnerable Software and Affected Versions: cherry versions through 4b877df Description: The issue is related to a stack-based buffer overflow in the handle request function in http.c due to the use of sscanf with a long URI, which can lead to remote code execution. Recommendations: Fo...
Exploit for CVE-2023-45828
CVE-2023-45828 RumbleTalk Live Group Chat = 6.1.9 - Missin...
Directory traversal
An issue was discovered in zola 0.13.0 through 0.17.2. The custom implementation of a web server, available via the "zola serve" command, allows directory traversal. The handlerequest function, used by the server to process HTTP requests, does not account for sequences of special path control...
CVE-2021-44847
A stack-based buffer overflow in handlerequest function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 caused by an improper length calculation during the handling of received network packets allows remote attackers to crash the process or potentially execute arbitrary code via...
TokTok c-toxcore 缓冲区错误漏洞
c-toxcore is a peer-to-peer serverless instant messenger designed to make security and privacy easier for the average user. A buffer error vulnerability in TokTok c-toxcore, which stems from a stack-based buffer overflow in the handlerequest function in DHT.c caused by improperly calculating the...
OpenWrt and LEDE Cross-Site Scripting Vulnerabilities
Both OpenWrt and LEDE are Linux operating systems for embedded devices. The systems are capable of providing fully writable file systems and package management. A cross-site scripting vulnerability exists in the 'cgihandlerequest' function in OpenWrt versions 18.06.1 and earlier and LEDE versions...