1620 matches found
CVE-2018-25100
The Mojolicious module before 7.66 for Perl may leak cookies in certain situations related to multiple similar cookies for the same domain. This affects Mojo::UserAgent::CookieJar...
EulerOS 2.0 SP10 : golang (EulerOS-SA-2024-1313)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the...
EulerOS 2.0 SP11 : golang (EulerOS-SA-2024-1214)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the...
EulerOS 2.0 SP11 : golang (EulerOS-SA-2024-1236)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the...
Google Pixel Security Breach
Google Pixel is a smartphone from Google, an American company. Google Pixel suffers from a security vulnerability that stems from a heap buffer overflow in the TBD module, which may result in out-of-bounds writes...
Sql injection
In the module "CD Custom Fields 4 Orders" cdcustomfields4orders = 1.0.0 from Cleanpresta.com for PrestaShop, a guest can perform SQL injection in affected versions...
Oracle Linux 9 : golang (ELSA-2024-1131)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1131 advisory. 1.20.12-1 - Rebase to 1.20.12 - Fix CVE-2023-45285 CVE-2023-39326 Tenable has extracted the preceding description block directly from the Oracle Linux...
BIT-PRESTASHOP-2023-31672
In the PrestaShop 2.4.3 module "Length, weight or volume sell" ailinear there is a SQL injection vulnerability...
BIT-NGINX-2022-41742 NGINX ngx_http_mp4_module vulnerability CVE-2022-41742
NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might...
BIT-MYBB-2023-28467
In MyBB before 1.8.34, there is XSS in the User CP module via the user email field...
BIT-DRUPAL-2020-13674
The QuickEdit module does not properly validate access to routes, which could allow cross-site request forgery under some circumstances and lead to possible data integrity issues. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed. Removing the...
BIT-DRUPAL-2020-13677
Under some circumstances, the Drupal core JSON:API module does not properly restrict access to certain content, which may result in unintended access bypass. Sites that do not have the JSON:API module enabled are not affected...
CVE-2021-47093
In the Linux kernel, the following vulnerability has been resolved: platform/x86: intel_pmc_core: fix memleak on registration failure In case device registration fails during module initialisation, the platform device structure needs to be freed using platform_device_put() to properly free all resource...
CVE-2021-47100
In the Linux kernel, the following vulnerability has been resolved: ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module Hi, When testing install and uninstall of ipmi_si.ko and ipmi_msghandler.ko, the system crashed. The log as follows: 141.087026 BUG: unable to handle kernel paging reque...
Spoofing
In the Linux kernel, the following vulnerability has been resolved: mm/slab_common: fix slab_caches list corruption after kmem_cache_destroy() After the commit in Fixes:, if a module that created a slab cache does not release all of its allocated objects before destroying the cache at rmmod time, we...
CVE-2023-52562
In the Linux kernel, the following vulnerability has been resolved: mm/slab_common: fix slab_caches list corruption after kmem_cache_destroy() After the commit in Fixes:, if a module that created a slab cache does not release all of its allocated objects before destroying the cache at rmmod time, we...
Coffee - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-011
The Coffee module helps you to navigate through the Drupal admin menus faster with a shortcut popup. The module doesn't sufficiently escape menu names when displaying them in the popup, thereby exposing a XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have a...
PrestaShop Security Breach
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image scaling. A security vulnerability exists in PrestaShop baimporter versions prior to 1.1.28, which stems from a SQL...
Sql injection
In the module "Generate barcode on invoice / delivery slip" ecgeneratebarcode from Ether Creation = 1.2.0 for PrestaShop, a guest can perform SQL injection...