24 matches found
CVE-2026-55234 Wekan: Broken access control: any authenticated user can move their Cards/Lists/Swimlanes into a private board they are not a member of (cross-board write via collection allow rule)
Wekan is open source kanban built with Meteor. Prior to 9.37, Wekan DDP update allow rules in server/permissions/cards.js, server/permissions/lists.js, and server/permissions/swimlanes.js authorize against the stored source boardId and do not validate a new boardId in the update modifier. Any...
EUVD-2019-5370
Malware in sbrugna...
ReconPi
This is a reconnaissance tool called ReconPi, designed for use on a Raspberry Pi or a VPS. The tool is written in Bash and uses various scripts to perform extensive reconnaissance on a target domain. The tool's primary function is to gather information about a target domain, including subdomains,...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250806T202249 2025-08-06T20:22:49Z jscPED-11136 GO-2022-0392 GHSA-m6gx-rhvj-fh52 GO-2022-0396 GHSA-g54h-m393-cpwq GO-2022-0452 GHSA-f3fp-gc8g-vw66 GO-2022-0456 GHSA-wjxw-gh3m-7pm5 GO-2022-0617 GHSA-qh36-44jv-c8...
CVE-2019-14117
u'Whenever the page list is updated via privileged user, the previous list elements are freed but are not deleted from the list which results in a use after free causing an unhandled page fault exception in rmnet driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdrago...
DEBIAN-CVE-2025-23133
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: update channel list in reg notifier instead reg worker Currently when ath11k gets a new channel list, it will be processed according to the following steps: 1. update new channel list to cfg80211 and queue regwork. ...
CVE-2025-23133
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: update channel list in reg notifier instead reg worker Currently when ath11k gets a new channel list, it will be processed according to the following steps: 1. update new channel list to cfg80211 and queue regwork. ...
CVE-2025-23133
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: update channel list in reg notifier instead reg worker Currently when ath11k gets a new channel list, it will be processed according to the following steps: 1. update new channel list to cfg80211 and queue regwork. ...
PT-2023-20974 · Enhancesoft · Osticket
Name of the Vulnerable Software and Affected Versions: Enhancesoft osTicket version 1.17.2 Description: A stored cross-site scripting XSS vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom...
Kv TinyMCE Editor Add Fonts <= 1.1 - Font List Update via CSRF
Description The plugin does not have CSRF check when updating its font list, which could allow attackers to make logged in admins perform such action via a CSRF attack...
CVE-2022-46886
There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain...
CVE-2022-46886
There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain...
CVE-2022-46886
There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain...
CVE-2022-33296
Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message...
CVE-2022-33296
CVE-2022-33296 describes memory corruption due to an integer overflow that becomes a buffer overflow in the Modem when parsing a Traffic Channel Neighbor List Update message. This affects Qualcomm modem components and is documented across multiple sources (NVD, Red Hat, CVE lists). The root cause...
CVE-2022-33296 Integer overflow to buffer overflow in Modem
Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message...
PT-2023-13300 · Modem · Modem
Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to memory corruption caused by an integer overflow leading to a buffer overflow in the Modem. This occurs when the Modem is parsing a Traffic Channel Neighbor List Update...
SUSE CVE-2017-10966
An issue was discovered in Irssi before 1.0.4. While updating the internal nick list, Irssi could incorrectly use the GHashTable interface and free the nick while updating it. This would then result in use-after-free conditions on each access of the hash table...
Spray - A Password Spraying Tool For Active Directory Credentials By Jacob Wilkin(Greenwolf)
A Password Spraying tool for Active Directory Credentials by Jacob WilkinGreenwolf Getting Started These instructions will show you the requirements for and how to use Spray. Prerequisites All requirements come preinstalled on Kali Linux, to run on other flavors or Mac just make sure curlowa & ly...
Error "Could not update master user list" while saving the LDAP Configuration on XenMobile server
Unable to save LDAP configuration and getting Error "Could not update master user list" For sample logs: 2017-08-21T09:21:30.411-0700 | 3811F15F6AE686BC | INFO | http-nio-14443-exec-11 | com.citrix.cg.identity.ldap.LdapManager | Given baseDN 'dc=domain,dc=example,dc=com'is valid:true...