
5550 matches found

Tenable Nessus
added 2025/11/24 12:0 a.m. | 4 views

Google Chrome < 4.3.61.21 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 4.3.61.21. It is, therefore, affected by multiple vulnerabilities as referenced in the 201505stable-channel-update19 advisory. - Multiple unspecified vulnerabilities in Google Chrome before 43.0.2357.65 allow attackers ...

CVSS 7.5 | AI score 8.5 | EPSS 0.07855
Exploits: 4 | References: 31
NCSC
added 2025/11/21 4:3 p.m. | 11 views

Vulnerabilities fixed in Oracle Fusion Middleware

Oracle has fixed vulnerabilities in Oracle Fusion Middleware components. The vulnerabilities allow unauthenticated attackers to access critical data over HTTP, which can lead to partial denial-of-service. The severity of these vulnerabilities is underscored by CVSS scores of 7.5, indicating...

CVSS 9.8 | AI score 6.9 | EPSS 0.88312
Exploits: 10 | References: 1
Positive Technologies
added 2025/11/20 12:0 a.m. | 2 views

PT-2025-47555

The Ultimate Member Widgets for Elementor – WordPress User Directory plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the handle filter users function in all versions up to, and including, 2.3. This makes it possible for unauthenticated...

CVSS 5.3 | AI score 5.2 | EPSS 0.00208
Exploits: 0 | References: 2
Tenable Nessus
added 2025/11/20 12:0 a.m. | 6 views

TencentOS Server 2: java-11-openjdk (TSSA-2024:0133)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0133 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

CVSS 3.7 | AI score 6.3 | EPSS 0.01361
Exploits: 0 | References: 6
Tenable Nessus
added 2025/11/17 12:0 a.m. | 2 views

FreeBSD : sudo-rs -- Partial password reveal when password timeout occurs (c1ceaaea-c2e7-11f0-8372-98b78501ef2a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c1ceaaea-c2e7-11f0-8372-98b78501ef2a advisory. Trifecta Tech Foundation reports: When typing partial passwords but not pressing return for a long time...

CVSS 3.8 | AI score 5.5 | EPSS 0.0012
Exploits: 0 | References: 3
RedhatCVE
added 2025/11/14 10:1 p.m. | 11 views

CVE-2025-64753

grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a user with only partial read access to a document could still access endpoints listing hashes for versions of that document and receive a full list of changes between versions, even if those changes contained cells, columns, or...

CVSS 6.5 | AI score 6.5 | EPSS 0.00196
Exploits: 0 | References: 1
Cvelist
added 2025/11/13 9:46 p.m. | 8 views

CVE-2025-64753 grist-core has insufficient access control in endpoints for comparisons between documents and versions

grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a user with only partial read access to a document could still access endpoints listing hashes for versions of that document and receive a full list of changes between versions, even if those changes contained cells, columns, or...

CVSS 5.3 | EPSS 0.00196
Exploits: 0 | References: 2
EUVD
added 2025/11/13 9:46 p.m. | 4 views

EUVD-2025-177187

grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a user with only partial read access to a document could still access endpoints listing hashes for versions of that document and receive a full list of changes between versions, even if those changes contained cells, columns, or...

CVSS 5.3 | AI score 6 | EPSS 0.00196
Exploits: 0 | References: 2
CVE
added 2025/11/13 9:46 p.m. | 10 views

CVE-2025-64753

CVE-2025-64753 Summary : Grist-core versions prior to 1.7.7 expose the full version history and change details to users with partial read access via the /compare endpoint. Root cause: insufficient access control on document/version comparisons. Impact: disclosure of changes that may include data ...

CVSS 6.5 | AI score 6.1 | EPSS 0.00196
Exploits: 0 | References: 2 | Affected Software: 1
CNNVD
added 2025/11/13 12:0 a.m. | 2 views

Grist security vulnerability

Grist is a modern relational spreadsheet open-sourced by Grist. A security vulnerability exists in Grist versions prior to 1.7.7, which stems from a partial read permission user having access to the full document change history, potentially leading to the disclosure of sensitive information...

CVSS 6.5 | AI score 6 | EPSS 0.00196
Exploits: 0 | References: 3
CVE
added 2025/11/13 12:0 a.m. | 11 views

CVE-2025-60671

CVE-2025-60671 affects the D-Link DIR-823G router firmware DIR823G_V1.0.2B05_20181207.bin, via command injection in timelycheck and sysconf processing /var/system/linux_vlan_reinit. Root cause: content read from that file is only partially validated for a prefix and then formatted with vsnprintf(...

CVSS 5.4 | AI score 7.8 | EPSS 0.01298
Exploits: 1 | References: 4 | Affected Software: 1
OSV
added 2025/11/12 9:30 p.m. | 2 views

GHSA-C978-WQ47-PVVW sudo-rs: Partial password reveal is possible after timeout

Summary If a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered are echoed back to the console. Example Using sudo-rs: geiger@cerberus:$ sudo -s sudo: authenticate Password: sudo-rs:...

CVSS 3.8 | AI score 6.5 | EPSS 0.0012
Exploits: 0 | References: 5
Github Security Blog
added 2025/11/12 9:30 p.m. | 10 views

sudo-rs: Partial password reveal is possible after timeout

Summary If a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered are echoed back to the console. Example Using sudo-rs: geiger@cerberus:$ sudo -s sudo: authenticate Password: sudo-rs:...

CVSS 3.8 | AI score 6.6 | EPSS 0.0012
Exploits: 0 | References: 5 | Affected Software: 1
NVD
added 2025/11/12 9:15 p.m. | 4 views

CVE-2025-64170

sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...

CVSS 3.8 | EPSS 0.0012
Exploits: 0 | References: 2
EUVD
added 2025/11/12 8:30 p.m. | 6 views

EUVD-2025-131955

sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...

CVSS 3.8 | AI score 5.9 | EPSS 0.0012
Exploits: 0 | References: 4
CVE
added 2025/11/12 8:30 p.m. | 21 views

CVE-2025-64170

CVE-2025-64170 affects sudo-rs, a memory-safe Rust implementation of sudo/su. Concrete details from connected documents show a vulnerability that, when a password timeout occurs due to the user typing a password and not pressing return for an extended period, causes the entered keystrokes to be e...

CVSS 3.8 | AI score 6 | EPSS 0.0012
Exploits: 0 | References: 2
Cvelist
added 2025/11/12 8:30 p.m. | 12 views

CVE-2025-64170 sudo-rs: Partial password reveal is possible after timeout

sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...

CVSS 3.8 | EPSS 0.0012
Exploits: 0 | References: 2
Vulnrichment
added 2025/11/12 8:30 p.m. | 2 views

CVE-2025-64170 sudo-rs: Partial password reveal is possible after timeout

sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...

CVSS 3.8 | AI score 6.3 | EPSS 0.0012
Exploits: 0 | References: 2
EUVD
added 2025/11/12 3:4 a.m. | 2 views

EUVD-2025-117175

Malicious code in partial-amber-raccoon npm...

AI score 6.6
Exploits: 0
EUVD
added 2025/11/12 3:4 a.m. | 2 views

EUVD-2025-117174

Malicious code in partial-violet-shark npm...

AI score 6.6
Exploits: 0