5277 matches found
CVE-2025-61959
Prior to September 19, 2025, the Hospital Manager Backend Services returned verbose ASP.NET error pages for invalid WebResource.axd requests, disclosing framework and ASP.NET version information, stack traces, internal paths, and the insecure configuration 'customErrors mode="Off"', which could...
CVE-2025-61959 Vertikal Systems Hospital Manager Backend Services Generation of Error Message Containing Sensitive Information
Prior to September 19, 2025, the Hospital Manager Backend Services returned verbose ASP.NET error pages for invalid WebResource.axd requests, disclosing framework and ASP.NET version information, stack traces, internal paths, and the insecure configuration 'customErrors mode="Off"', which could...
Russian Hackers Target Ukrainian Organizations Using Stealthy Living-Off-the-Land Tactics
Organizations in Ukraine have been targeted by threat actors of Russian origin with an aim to siphon sensitive data and maintain persistent access to compromised networks. The activity, according to a new report from the Symantec and Carbon Black Threat Hunter Team, targeted a large business...
PT-2025-44350
Name of the Vulnerable Software and Affected Versions Hospital Manager Backend Services versions prior to September 19, 2025 Description The Hospital Manager Backend Services returned detailed ASP.NET error pages for invalid requests to the ''WebResource.axd'' endpoint. These error pages revealed...
CVE-2025-62891
Cross-Site Request Forgery (CSRF) vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus (Slidebars) off-canvas-sidebars allows Cross Site Request Forgery. This issue affects Off-Canvas Sidebars & Menus (Slidebars): from n/a through <= 0.5.8.5...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to convert nr_pages to an unsigned long type, which could lead to an overflow in the PERF_IDX2OFF...
EUVD-2025-36047
Cross-Site Request Forgery (CSRF) vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus (Slidebars) off-canvas-sidebars allows Cross Site Request Forgery. This issue affects Off-Canvas Sidebars & Menus (Slidebars): from n/a through <= 0.5.8.5...
CVE-2025-62891 WordPress Off-Canvas Sidebars & Menus (Slidebars) plugin <= 0.5.8.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus (Slidebars) off-canvas-sidebars allows Cross Site Request Forgery. This issue affects Off-Canvas Sidebars & Menus (Slidebars): from n/a through <= 0.5.8.5...
CVE-2025-62891
The CVE describes a Cross-Site Request Forgery (CSRF) vulnerability affecting the WordPress plugin “Off-Canvas Sidebars & Menus (Slidebars)” in versions up to and including 0.5.8.5. The vulnerability is documented across multiple sources (NVD, Red Hat, ENISA/EUVD, CVE List) with a CVSS 3.1 base s...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Return of Wrong Status Code (CVE-2024-40945)
iommu: Return right value in iommu_sva_bind_device(). iommu_sva_bind_device() should return either a sva bond handle or an ERR_PTR value in error cases. Existing drivers (idxd and uacce) only check the return value with IS_ERR(). This could potentially lead to a kernel NULL pointer dereference issue if the functi...
WordPress plugin Off-Canvas Sidebars & Menus (Slidebars) cross-site request forgery vulnerability
WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin...
PT-2025-43770
Cross-Site Request Forgery (CSRF) vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus (Slidebars) off-canvas-sidebars allows Cross Site Request Forgery. This issue affects Off-Canvas Sidebars & Menus (Slidebars): from n/a through <= 0.5.8.5...
Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2025-2291)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP13 : gnutls (EulerOS-SA-2025-2259)
According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads...
curl: Use of Deprecated strcpy() with Fixed-Size Buffers in Progress Time Formatting
Step 2: Locate Vulnerable Code in Progress.c Find exact strcpy usage in toolprogress.c grep -n "strcpy" ./src/toolprogress.c OUTPUT: 94: strcpyr, "--:--:--"; Step 3: Analyze the Vulnerable Function View complete time2str function sed -n '/^static void time2str/,/^/p' ./src/toolprogress.c Vulnerab...
JLSEC-2025-166 gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflo...
gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character...