11 matches found
EUVD-2021-22654
Malware in sbrugna...
PT-2025-39676
Name of the Vulnerable Software and Affected Versions code-projects E-Commerce Website version 1.0 Description A flaw exists in code-projects E-Commerce Website 1.0 that allows for SQL injection. The issue is located in the file /pages/admin account update.php and involves manipulation of the use...
CVE-2021-47640
In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix early region not updated correctly The shadow's page table is not updated when PTE_RPN_SHIFT is 24 and PAGE_SHIFT is 12. It not only causes false positives but also false negative as shown the following text. Fix ...
BIT-MAGENTO-2021-36021 Magento Commerce CMS Page Improper Input Validation Could Lead To Remote Code Execution
Magento versions 2.4.2 and earlier, 2.4.2 and earlier and 2.3.7 and earlier are affected by an Improper input validation vulnerability within the CMS page scheduled update feature. An authenticated attacker with administrative privilege could leverage this vulnerability to achieve remote code...
SUSE-SU-2023:1776-1 Security update for systemd
This update for systemd fixes the following issues: - CVE-2023-26604: Fixed a privilege escalation via the less pager (bsc#1208958). - CVE-2022-4415: Fixed systemd-coredump that did not respect the fs.suid_dumpable kernel setting (bsc#1205000). - CVE-2022-3821: Fixed buffer overrun in format_timespan...
PT-2022-33283 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.6 Description: The issue is related to the shmem replace page function, which may update the page without properly updating the folio. This could potentially lead to security vulnerabilities, although the...
Xen Command Injection Vulnerability
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime. A command injection vulnerability exists ...
Xen Input Validation Error Vulnerability
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime. An input validation error vulnerability...
Fedora 29 : nfdump (2019-9013b5e75d)
2019-08-14 - Fix compile issues - Fix output buffer size for lzo1x_decompress_safe 2019-08-07 - Fix VerifyExtensionMap 179 2019-08-06 - Fix compile errors 2019-08-05 - Fix nfdump.1 man page. 175 - Fix off by 1 array. 173 - Fix use after free in ModifyCompressFile - Add bound checks in AddExporterSt...
Code injection
PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 allows remote attackers to cause a denial of service page update outage via crafted PHP and JavaScript code in the "Current Position" field...
DEBIAN-CVE-2011-4615
Multiple cross-site scripting (XSS) vulnerabilities in Zabbix before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the gname parameter (aka host groups name) to (1) hostgroups.php and (2) usergrps.php, the update action to (3) hosts.php and (4) scripts.php, and (5) maintenance.php...