BIT-PRESTASHOP-2026-33674 PrestaShop: Improper Use of Validation Framework
PrestaShop is an open source e-commerce web application. Versions prior to 8.2.5 and 9.1.0 improperly use the validation framework. Versions 8.2.5 and 9.1.0 contain a fix. No known workarounds are available...
CVE-2026-33674 PrestaShop: Improper Use of Validation Framework
PrestaShop is an open source e-commerce web application. Versions prior to 8.2.5 and 9.1.0 improperly use the validation framework. Versions 8.2.5 and 9.1.0 contain a fix. No known workarounds are available...
PrestaShop: Improper Use of Validation Framework
Impact: Fix improper use of validation framework. Patches: Patched in 8.2.5 and 9.1.0. Workarounds: None. References: none...
GHSA-283W-XF3Q-788V PrestaShop: Improper Use of Validation Framework
Impact: Fix improper use of validation framework. Patches: Patched in 8.2.5 and 9.1.0. Workarounds: None. References: none...
PT-2026-28175
Name of the Vulnerable Software and Affected Versions: PrestaShop versions prior to 8.2.5; PrestaShop versions prior to 9.1.0. Description: PrestaShop, an open source e-commerce web application, experiences an issue due to improper use of its validation framework. No workarounds are currently...
pybind: Improper use of Pybind
A flaw was found in Ceph. An attacker can allow Ceph to accept any certificate because no certificate context is passed via Pybind to the constructors imaplib.IMAP4_SSL or smtplib.SMTP_SSL. As a result, pybind does not check the server's X.509 certificate, instead accepting any certificate...
CVE-2022-31757
The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper use of the pm_runtime_resume_and_get function, which could lead to a reference count leak...
CVE-2024-53900
Mongoose before 8.8.3 can improperly use $where in match, leading to search injection...
Mongoose search injection vulnerability
Mongoose versions prior to 8.8.3, 7.8.3, 6.13.5, and 5.13.23 are vulnerable to improper use of the $where operator. This vulnerability arises from the ability of the $where clause to execute arbitrary JavaScript code in MongoDB queries, potentially leading to code injection attacks and unauthoriz...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the improper use of RCU locks...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly use cached epc_features in the pci_epf_test_core_init function...
PUB-A-315969497
There is a possible escalation of privilege due to improperly used crypto. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Insufficiently Protected Credentials
github.com/cloudevents/sdk-go/v2 is vulnerable to Insufficiently Protected Credentials. The vulnerability is due to the improper use of cloudevents.WithRoundTripper, allowing the leakage of credentials to arbitrary endpoints when creating a cloudevents.Client with an authenticated http.RoundTripp...
Medium: ImageMagick
Issue Overview: An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum function in MagickCore/quantum-export.c. Function calls to GetPixelIndex could result in values outside the representable range of 'unsigned char'. When ImageMagick processes a crafted pdf file,...
Google Android elevation of privilege vulnerability (CNVD-2023-26073)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by improper use of cryptocurrency. An attacker can exploit the vulnerability to gain elevated privileges...
K05535399: Linux kernel vulnerability CVE-2017-17855
Security Advisory Description: kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars. (CVE-2017-17855) Impact: There is no impact; ...
Hitachi Energy MicroSCADA Pro/X SYS600 Products (Update A)
1. EXECUTIVE SUMMARY: CVSS v3 8.8. ATTENTION: Low attack complexity. Vendor: Hitachi Energy. Equipment: MicroSCADA X SYS600, MicroSCADA Pro. Vulnerability: Improper Use of Validation Framework. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow an unauthorized...
Event Registration App CSV Injection Vulnerability
Event Registration App is a JavaScript application for registering event participants by Carlo Montero Personal Developer. A CSV injection vulnerability exists in Carlo Montero Event Registration App v1.0, which stems from improper use of the formula elements of the First Name, Contact, and Remar...