113 matches found
Metabase < 0.44.5
The version of Metabase installed on the remote host is prior to 0.44.5. It is, therefore, affected by a The url parameter of the /api/geojson endpoint in Metabase versions 0.44.5 can be used to perform Server Side Request Forgery attacks. Previously implemented blacklists could be circumvented b...
Linux Distros Unpatched Vulnerability : CVE-2021-33929
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow vulnerability in function pooldisabledsolvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service...
Adobe Dimension < 4.1.4 Memory leak (APSB25-84)
The version of Adobe Dimension installed on the remote Windows host is prior to 4.1.4. It is, therefore, affected by a vulnerability as referenced in the APSB25-84 advisory. - Out-of-bounds Read CWE-125 potentially leading to Memory leak CVE-2025-54238 Note that Nessus has not tested for this iss...
CVE-2025-8217 Inert Malicious script injected into Amazon Q Developer Visual Studio Code (VS Code) Extension
The Amazon Q Developer Visual Studio Code VS Code extension v1.84.0 contains inert, injected code designed to call the Q Developer CLI. The code executes when the extension is launched within the VS Code environment; however the injected code contains a syntax error which prevents it from making ...
Mautic 安全漏洞
Mautic is an open source marketing automation software from Mautic Open Source. The software monitors and manages websites, sends emails and manages customer resources. A security vulnerability exists in versions prior to Mautic 6.0.2, which stems from a time-difference attack in the Forgot...
SUSE CVE-2025-46721
nosurf is cross-site request forgery CSRF protection middleware for Go. A vulnerability in versions prior to 1.2.0 allows an attacker who controls content on the target site, or on a subdomain of the target site either via XSS, or otherwise to bypass CSRF checks and issue requests on user's behal...
October 代码问题漏洞
October is a content management system CMS and web platform from October Open Source. A code issue vulnerability exists in versions prior to October 3.7.5 that stems from not properly cleaning SVG files, which could lead to bypassing protection...
PT-2025-16929
Name of the Vulnerable Software and Affected Versions Nullsoft Scriptable Install System NSIS versions prior to 3.11 Description The issue allows local users to escalate privileges to SYSTEM during an installation. This occurs because the temporary plugins directory is created under %WINDIR%temp...
DEBIAN-CVE-2025-0435
Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...
LinkAce 安全漏洞
LinkAce is a self-hosted archive of links to your favorite websites by Kevin Woblick Personal Developer. A security vulnerability exists in LinkAce versions prior to 1.15.6. An attacker exploiting this vulnerability could upload a malicious HTML file containing a JavaScript payload...
PT-2024-33431 · Unknown · Cooked Pro
Name of the Vulnerable Software and Affected Versions: Cooked Pro versions prior to 1.8.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Cross Site Request Forgery. This problem involves CSRF attacks. Recommendations: For versions prior to 1.8.0, update to...
PT-2024-29645 · Apache · Apache Airflow
Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 2.10.0 Description: The issue allows the developer of a malicious provider to execute a cross-site scripting attack when clicking on a provider documentation link. This requires the provider to be installed on...
CVE-2024-6651
The WordPress File Upload WordPress plugin before 4.24.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers
HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...
Fedora: Security Advisory (FEDORA-2024-a702b78744)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OpenHarmony 安全漏洞
OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom Foundation OpenAtom Foundation Foundation. A security vulnerability exists in OpenHarmony prior to version v3.2.4. A remote attacker could exploit the vulnerability to bypass privilege authentication to insta...
util-linux 安全漏洞
util-linux is an open source software package. A security vulnerability exists in util-linux version 2.40 and earlier, which stems from the fact that wall is typically installed with the setgid tty permission, which allows escape sequences to be sent to other users' terminals via argv, which coul...
PT-2024-20749 · Unknown · Maspik – Spam Blacklist
Name of the Vulnerable Software and Affected Versions: Maspik – Spam Blacklist versions 0.10.6 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS. This means that an attacker can inject...
AZL-39220 CVE-2023-45237 affecting package edk2 for versions less than 20230301gitf80f052277c8-40
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...
CVE-2022-2413
The Slide Anything WordPress plugin before 2.3.47 does not properly sanitize or escape the slide title before outputting it in the admin pages, allowing a logged in user with roles as low as Author to inject a javascript payload into the slide title even when the unfilteredhtml capability is...