22 matches found
Astra Linux - уязвимость в binutils
A out-of-bounds read flaw was discovered in the parsemodule function in bfd/vms-alpha.c in Binutils...
CVE-2021-22409
There is a denial of service vulnerability in some versions of ManageOne. There is a logic error in the implementation of a function of a module. When the service pressure is heavy, there is a low probability that an exception may occur. Successful exploit may cause some services abnormal...
Linux Distros Unpatched Vulnerability : CVE-2025-68216
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LoongArch: BPF: Disable trampoline for kernel module function trace The current LoongArch BPF trampoline implementation is incompatible with tracing functions i...
EUVD-2025-203680
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Disable trampoline for kernel module function trace The current LoongArch BPF trampoline implementation is incompatible with tracing functions in kernel modules. This causes several severe and user-visible problem...
CVE-2025-54626
Pointer dangling vulnerability in the cjwindow module. Impact: Successful exploitation of this vulnerability may affect function stability...
CVE-2025-53180
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability...
DEBIAN-CVE-2025-3121
A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jitmodulefromflatbuffer. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used...
PT-2024-10863 · Huawei · Huawei Smartphone
Name of the Vulnerable Software and Affected Versions: Huawei smartphones affected versions not specified Description: There is an information vulnerability in Huawei smartphones. A function in a module can be called without verifying the caller's access. Attackers with user access can exploit th...
PT-2024-39587 · WordPress · The Forminator Forms
Name of the Vulnerable Software and Affected Versions: The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress versions up to, and including, 1.35.1 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on...
CVE-2024-32358
An issue in Jpress v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the custom plug-in module function, a different vulnerability than CVE-2024-43033...
CVE-2023-25584
An out-of-bounds read flaw was found in the parsemodule function in bfd/vms-alpha.c in Binutils...
PT-2023-20508 · Unknown · Keep-Module-Latest
Name of the Vulnerable Software and Affected Versions: keep-module-latest versions all Description: The issue arises due to missing input sanitization or other checks and sandboxes being employed to the installModule function, leading to Command Injection. To potentially exploit this, an attacker...
SUSE CVE-2012-4398
The requestmodule function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service memory consumption via a crafted application...
UBUNTU-CVE-2023-25584
An out-of-bounds read flaw was found in the parsemodule function in bfd/vms-alpha.c in Binutils...
Cross-Site Scripting (XSS)
microweber/microweber is vulnerable to reflected cross-site scripting. The vulnerability exists in the module function in ApiController.php due to a lack of sanitization in module attributes which allows an attacker to inject and execute malicious payloads...
node-import 安全漏洞
node-import is used by Nanang Mahdaen El Agung Individual Developer Indonesia to import dependencies and run them directly or link them and export to a file. A security vulnerability exists in node-import, which stems from the vulnerability of this package to arbitrary code execution, where the...
CVE-2021-22409
There is a denial of service vulnerability in some versions of ManageOne. There is a logic error in the implementation of a function of a module. When the service pressure is heavy, there is a low probability that an exception may occur. Successful exploit may cause some services abnormal...
CVE-2021-22409
There is a denial of service vulnerability in some versions of ManageOne. There is a logic error in the implementation of a function of a module. When the service pressure is heavy, there is a low probability that an exception may occur. Successful exploit may cause some services abnormal...
DEBIAN-CVE-2019-7151
A NULL pointer dereference was discovered in wasm::Module::getFunctionOrNull in wasm/wasm.cpp in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt...
kernel: request_module() OOM local DoS
The requestmodule function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service memory consumption via a crafted application...