4606 matches found
PT-2023-9940 · Unknown · Ahmyi Rivettracker
Name of the Vulnerable Software and Affected Versions: ahmyi RivetTracker affected versions not specified Description: A problematic issue has been found in ahmyi RivetTracker, affecting some unknown processing. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. Th...
PT-2023-13959 · WordPress · Superio
Name of the Vulnerable Software and Affected Versions: Superio WordPress theme affected versions not specified Description: The issue concerns the Superio WordPress theme, which does not properly sanitise and escape certain parameters. This could allow users with a role as low as a subscriber to...
PT-2022-8021 · Unknown · Exciting Printer
Name of the Vulnerable Software and Affected Versions: Exciting Printer affected versions not specified Description: A critical issue affects the Argument Handler component, specifically the file lib/printer/jobs/prepare page.rb, where the manipulation of the URL argument leads to command...
DEBIAN-CVE-2018-25060
A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...
CVE-2022-4127 affecting package kernel 5.10.155.1-1
CVE-2022-4127 affecting package kernel 5.10.155.1-1. A patched version of the package is available...
CVE-2022-3910 affecting package kernel 5.10.155.1-1
CVE-2022-3910 affecting package kernel 5.10.155.1-1. A patched version of the package is available...
CVE-2022-3115 affecting package kernel 5.10.155.1-1
CVE-2022-3115 affecting package kernel 5.10.155.1-1. A patched version of the package is available...
GHSA-J593-H5V3-45X6 usememos/memos may leak user information to an authenticated user
usememos/memos 0.9.0 and prior has endpoint that leaks user information like names, email, role, and OpenID to an authenticated user. A patch is available at commit 05b41804e33a34102f1f75bb2d69195dda6a1210 on the main branch...
GHSA-33M8-F4HW-WM3Q usememos/memos Denial of Service vulnerability
Denial of Service in GitHub repository usememos/memos 0.9.0 and prior. A patch is available on the main branch at commit number f888c628408501daf639de07b90a72ab443b0f4c...
PT-2022-8303 · Unknown · Nsupdate.Info
Name of the Vulnerable Software and Affected Versions: nsupdate.info affected versions not specified Description: A problematic vulnerability has been found in nsupdate.info, affecting the component CSRF Cookie Handler in the file src/nsupdate/settings/base.py. The manipulation of the argument CS...
PT-2022-8300 · Unknown · Ytti Oxidized Web
Name of the Vulnerable Software and Affected Versions: ytti Oxidized Web affected versions not specified Description: A vulnerability was found in ytti Oxidized Web, classified as problematic. The issue affects an unknown function of the file lib/oxidized/web/views/conf search.haml. The...
UBUNTU-CVE-2019-25085
A vulnerability was found in GNOME gvdb. It has been classified as critical. This affects the function gvdbtablewritecontentsasync of the file gvdb-builder.c. The manipulation leads to use after free. It is possible to initiate the attack remotely. The name of the patch is...
CVE-2021-4277
A vulnerability, which was classified as problematic, has been found in fredsmith utils. This issue affects some unknown processing of the file screenshotsync of the component Filename Handler. The manipulation leads to predictable from observable state. The name of the patch is...
CVE-2022-23547 Heap buffer overflow in pjproject when decoding STUN message
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability...
Fedora 36 : qpress (2022-e19ca639ef)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-e19ca639ef advisory. Security fix for CVE-2022-45866 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
PT-2022-11671 · Unknown · Studygolang
Name of the Vulnerable Software and Affected Versions: studygolang affected versions not specified Description: A problematic vulnerability was found in studygolang, affecting the Search function of the file http/controller/search.go. The manipulation of the argument q leads to cross-site...
CVE-2022-4631 WP-Ban ban-options.php cross site scripting
A vulnerability, which was classified as problematic, was found in WP-Ban. Affected is an unknown function of the file ban-options.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 22b925449c84faa9b7496abe4f8f5661cb5eb3bf. ...
CVE-2022-23537 PJSIP vulnerable to heap buffer overflow when decoding STUN message
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects...
DEBIAN-CVE-2021-4258
A vulnerability was found in whohas. It has been rated as problematic. This issue affects some unknown processing of the component Package Information Handler. The manipulation leads to cleartext transmission of sensitive information. The attack may be initiated remotely. The real existence of th...