12 matches found
PT-2026-47381
In the Linux kernel, the following vulnerability has been resolved: media: renesas: vsp1: Fix NULL pointer deref on module unload When unloading the module on gen 4, we hit a NULL pointer dereference. This is caused by the cleanup code calling vsp1 drm cleanup where it should be calling vsp1 vspx...
CVE-2025-63228
The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains an unauthenticated file upload vulnerability in the /uploadfile.php endpoint. An attacker can exploit this by sending a crafted POST request with a malicious file e.g., a PHP webshell to the server. The uploade...
EUVD-2012-0443
Malware in sbrugna...
PT-2025-34446 · Unknown · Zhisheng17 Blog
Name of the Vulnerable Software and Affected Versions: zhisheng17 blog version 3.0.1-SNAPSHOT Description: The software contains an authentication bypass issue that allows an attacker to access the API without a token. Recommendations: At the moment, there is no information about a newer version...
CVE-2025-55194
Part-DB is an open source inventory management system for electronic components. Prior to version 1.17.3, any authenticated user can upload a profile picture with a misleading file extension e.g., .jpg.txt, resulting in a persistent 500 Internal Server Error when attempting to view or edit that...
gitboost (>=0.0.5 <=0.0.6) potentially affected by CVE-2022-1440 via git-interface (=0.1.9)
git-interface NPM version =0.1.9 is affected by a known vulnerability. The following packages have a transitive dependency on git-interface and may be impacted: - gitboost =0.0.5, =0.0.6 Source cves: CVE-2022-1440 Source advisory: OSV:GHSA-QFFW-8WG7-H665...
Cross site scripting
Pi-hole's Web interface provides a central location to manage a Pi-hole instance and review performance statistics. Prior to Pi-hole Web interface version 5.5.1, the function to add domains to blocklists or allowlists is vulnerable to a stored cross-site-scripting vulnerability. User input added ...
CVE-2019-0301
Under certain conditions, it is possible to request the modification of role or privilege assignments through SAP Identity Management REST Interface Version 2, which would otherwise be restricted only for viewing...
DEBIAN-CVE-2017-17880
In ImageMagick 7.0.7-16 Q16 x8664 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBPDECODERABIVERSION check...
SuSE 11.3 Security Update : Samba (SAT Patch Number 9010)
"The Samba fileserver suite was updated to fix bugs and security issues. The following security issue have been fixed : - No Password lockout or ratelimiting was enforced for SAMR password changes, making brute force guessing attacks possible. CVE-2013-4496. Also the following feature has been...
CVE-2012-0411
Unspecified vulnerability in Novell iPrint Client before 5.82 allows remote attackers to execute arbitrary code via an op-client-interface-version action...
CVE-2012-0411
Summary: CVE-2012-0411 affects Novell iPrint Client (pre-5.82). The root cause is a vulnerability in the op-client-interface-version operation (descriptor in ienipp.ocx per ZDI) where two strings used to build a response URL are copied into a fixed‑length buffer on the stack, causing memory corru...