1447 matches found
PT-2025-35207
Name of the Vulnerable Software and Affected Versions: OpenAtlas version 8.9.0 Description: An issue exists in OpenAtlas that could allow a remote user to send specially crafted queries to an authenticated user and potentially steal their session cookie details. This is due to inadequate validati...
PT-2025-35208
Name of the Vulnerable Software and Affected Versions: OpenAtlas version 8.9.0 Description: A Cross-Site Scripting XSS issue exists due to inadequate validation of user input when a POST request is sent. This could allow a remote user to send specially crafted queries to an authenticated user and...
PT-2025-35203
Name of the Vulnerable Software and Affected Versions: OpenAtlas version 8.9.0 Description: A Cross-Site Scripting XSS issue exists in OpenAtlas due to insufficient validation of user input received through POST requests. This could allow a remote user to send crafted queries to an authenticated...
kernel: ext4: fix off-by-one error in do_split
In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in dosplit Syzkaller detected a use-after-free issue in ext4insertdentry that was caused by out-of-bounds access due to incorrect splitting in dosplit. BUG: KASAN: use-after-free in...
Linux Distros Unpatched Vulnerability : CVE-2023-50471
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSONInsertItemInArray at cJSON.c. CVE-2023-50471 Note that Nessus relies on t...
TencentOS Server 3: glib2 (TSSA-2025:0689)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0689 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
K000153054: Glib vulnerability CVE-2025-4373
Security Advisory Description A flaw was found in GLib, which is vulnerable to an integer overflow in the gstringinsertunichar function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite. CVE-2025-4373 Impact There is no impact...
Linux Distros Unpatched Vulnerability : CVE-2025-3818
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as critical, was found in webpy web.py 0.70. Affected is the function PostgresDB.processinsertquery of the file web/db.py...
Linux Distros Unpatched Vulnerability : CVE-2024-21000
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 8.0.36 and prior and...
EulerOS 2.0 SP11 : glib2 (EulerOS-SA-2025-1950)
According to the versions of the glib2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the...
kernel: ext4: fix off-by-one error in do_split
In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in dosplit Syzkaller detected a use-after-free issue in ext4insertdentry that was caused by out-of-bounds access due to incorrect splitting in dosplit. BUG: KASAN: use-after-free in...
Linux Distros Unpatched Vulnerability : CVE-2023-52900
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nilfs2: fix general protection fault in nilfsbtreeinsert If nilfs2 reads a corrupted disk image and tries to reads a b-tree node block by calling...
Linux Distros Unpatched Vulnerability : CVE-2025-21959
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nfconncount: Fully initialize struct nfconncounttuple in inserttree Since commit b36e4523d4d5 netfilter: nfconncount: fix garbage collection confirm...
kernel: ext4: fix off-by-one error in do_split
In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in dosplit Syzkaller detected a use-after-free issue in ext4insertdentry that was caused by out-of-bounds access due to incorrect splitting in dosplit. BUG: KASAN: use-after-free in...
kernel: ext4: fix off-by-one error in do_split
In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in dosplit Syzkaller detected a use-after-free issue in ext4insertdentry that was caused by out-of-bounds access due to incorrect splitting in dosplit. BUG: KASAN: use-after-free in...
Exploit for CVE-2025-51820
CVE-2025-51820 A critical Remote Code Execution RCE vulnerab...
Human Resource Integrated System action.php File Cross-Site Scripting Vulnerability
Human Resource Integrated System is a human resource management system. A cross-site scripting vulnerability exists in Human Resource Integrated System, which originates from the unspecified parameter content not being security filtered in the /insert-and-view/action.php file. An attacker could...
Code-Projects Human Resource Integrated System 注入漏洞
Human Resource Integrated System is a human resource integration system. An injection vulnerability exists in Code-Projects Human Resource Integrated System version 1.0, which originates from SQL injection due to incorrect manipulation of the parameter content in the file...
Code-Projects Human Resource Integrated System 代码注入漏洞
Human Resource Integrated System is a human resource management system. A cross-site scripting vulnerability exists in Human Resource Integrated System, which originates from the unspecified parameter content not being security filtered in the /insert-and-view/action.php file. An attacker could...
glib: Buffer Underflow on GLib through glib/gstring.c via function g_string_insert_unichar
A flaw was found in GLib, which is vulnerable to an integer overflow in the gstringinsertunichar function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite...