524 matches found

Cvelist
added 2025/02/27 4:0 p.m. · 17 views

CVE-2025-1741 b1gMail Admin Page users.php deserialization

A vulnerability classified as problematic was found in b1gMail up to 7.4.1-pl1. Affected by this vulnerability is an unknown functionality of the file src/admin/users.php of the component Admin Page. The manipulation of the argument query/q leads to deserialization. The attack can be launched...

CVSS 5.8 · EPSS 0.00217
Exploits 0 · References 7

CVE
added 2025/02/27 4:0 p.m. · 46 views

CVE-2025-1741

CVE-2025-1741 affects b1gMail up to version 7.4.1-pl1 in the Admin Page component (src/admin/users.php). The vulnerability arises from deserialization when manipulating the query/q parameter, allowing remote exploitation. A fix is available: upgrade to 7.4.1-pl2 (patch identifier 4816c8b748f6a5b9...

CVSS 5.8 · AI score 7 · EPSS 0.00217
Exploits 0 · References 7

SUSE CVE
added 2025/02/18 5:12 a.m. · 1 views

SUSE CVE-2025-1372

A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf. The manipulation of the argument z/x leads to buffer overflow. An attack has to b...

CVSS 3.3 · AI score 5.5 · EPSS 0.00043
Exploits 1 · References 4

OSV
added 2025/02/17 3:15 a.m. · 9 views

CVE-2025-1372

A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf. The manipulation of the argument z/x leads to buffer overflow. An attack has to b...

CVSS 7.8 · AI score 5.4
Exploits 0 · References 8

RedhatCVE
added 2025/02/06 3:10 a.m. · 8 views

CVE-2016-15031

A vulnerability was found in PHP-Login 1.0. It has been declared as critical. This vulnerability affects the function checkLogin of the file login/scripts/class.loginscript.php of the component POST Parameter Handler. The manipulation of the argument myusername leads to sql injection. The attack...

CVSS 9.8 · AI score 7.5 · EPSS 0.00349
Exploits 0 · References 1

NVD
added 2025/01/29 8:15 p.m. · 9 views

CVE-2025-0840

A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

CVSS 7.5 · EPSS 0.00101
Exploits 1 · References 7

CVE
added 2025/01/29 8:0 p.m. · 123 views

CVE-2025-0840

CVE-2025-0840 affects GNU Binutils up to 2.43, targeting the function disassemble_bytes in binutils/objdump.c. The vulnerability arises from manipulating the argument buf, causing a stack-based buffer overflow. A remote attacker can exploit this, with attack complexity labeled as high and exploit...

CVSS 7.5 · AI score 5.3 · EPSS 0.00101
Exploits 1 · References 7 · Affected Software 1

NVD
added 2024/10/17 4:15 p.m. · 12 views

CVE-2018-25104

A vulnerability was found in CoinGate Plugin up to 1.2.7 on PrestaShop. It has been rated as problematic. Affected by this issue is the function postProcess of the file modules/coingate/controllers/front/callback.php of the component Payment Handler. The manipulation leads to business logic error...

CVSS 5.3 · EPSS 0.0012
Exploits 0 · References 4

OSV
added 2024/09/17 9:30 p.m. · 8 views

GHSA-PWWP-3Q7J-9MX8 Use After Free in MicroPython

A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file py/objarray.c. The manipulation leads to use after free. The attack can be launched remotely. The complexity of an attack is rather high. The...

CVSS 6.3 · AI score 6.5 · EPSS 0.00149
Exploits 1 · References 10

NVD
added 2024/09/17 7:15 p.m. · 11 views

CVE-2024-8947

A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file py/objarray.c. The manipulation leads to use after free. The attack can be launched remotely. The complexity of an attack is rather high. The...

CVSS 8.1 · EPSS 0.00149
Exploits 1 · References 7

PyPA
added 2024/09/17 7:15 p.m. · 3 views

PYSEC-2024-96

A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affected is the function mp_vfs_umount of the file extmod/vfs.c of the component VFS Unmount Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit...

CVSS 7.5 · AI score 7.4 · EPSS 0.00133
Exploits 1 · References 9 · Affected Software 1

PyPA
added 2024/09/17 7:15 p.m. · 5 views

PYSEC-2024-92

A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file py/objarray.c. The manipulation leads to use after free. The attack can be launched remotely. The complexity of an attack is rather high. The...

CVSS 8.1 · AI score 7.2 · EPSS 0.00149
Exploits 1 · References 9 · Affected Software 1

Vulnrichment
added 2024/09/17 6:31 p.m. · 13 views

CVE-2024-8947 MicroPython objarray.c use after free

A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file py/objarray.c. The manipulation leads to use after free. The attack can be launched remotely. The complexity of an attack is rather high. The...

CVSS 6.3 · AI score 5.6 · EPSS 0.00149
Exploits 1 · References 7

Cvelist
added 2024/09/02 4:0 p.m. · 22 views

CVE-2020-36830 nescalante urlregex Backtracking index.js redos

A vulnerability was found in nescalante urlregex up to 0.5.0 and classified as problematic. This issue affects some unknown processing of the file index.js of the component Backtracking. The manipulation leads to inefficient regular expression complexity. The attack may be initiated remotely. The...

CVSS 5.3 · EPSS 0.00065
Exploits 1 · References 5

CVE
added 2024/08/30 12:31 p.m. · 46 views

CVE-2024-8334

The CVE-2024-8334 entry affects master-nan Sweet-CMS, specifically the LogHandler function in middleware/log.go. The root cause is improper output neutralization for logs, enabling a potential remote abuse. The issue is tied to a patch identified as 2024c370e6c78b07b358c9d4257fa5d1be732c38; apply...

CVSS 8.1 · AI score 5.8 · EPSS 0.00256
Exploits 0 · References 6 · Affected Software 1

Vulnrichment
added 2024/08/30 12:31 p.m. · 17 views

CVE-2024-8334 master-nan Sweet-CMS log.go LogHandler neutralization for logs

A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been rated as problematic. This issue affects the function LogHandler of the file middleware/log.go. The manipulation leads to improper output neutralization for logs. The attack may be...

CVSS 5.3 · AI score 7 · EPSS 0.00256
Exploits 0 · References 6

Positive Technologies
added 2024/08/30 12:0 a.m. · 2 views

PT-2024-38947 · Sweetcms · Sweetcms

Name of the Vulnerable Software and Affected Versions: master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f Description: A critical issue affects the unknown code of the file /table/index, leading to sql injection. The attack can be initiated remotely. This issue is declared as...

CVSS 9.8 · AI score 7 · EPSS 0.00128
Exploits 1 · References 13

Positive Technologies
added 2024/08/24 12:0 a.m. · 3 views

PT-2024-38824 · Go Tribe · Go-Tribe

Name of the Vulnerable Software and Affected Versions: Go-Tribe gotribe up to cd3ccd32cd77852c9ea73f986eaf8c301cfb6310 Description: A critical vulnerability has been found in Go-Tribe gotribe. The issue affects the function Sign of the file pkg/token/token.go. The manipulation of the argument...

CVSS 9.8 · AI score 6.7 · EPSS 0.00159
Exploits 0 · References 13

OSV
added 2024/06/17 8:15 p.m. · 1 views

DEBIAN-CVE-2024-6061

A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this vulnerability is the function isoffin_process of the file src/filters/isoffin_read.c of the component MP4Box. The manipulation leads to infinite loop. It is possible to launch the...

CVSS 5.5 · AI score 3.2 · EPSS 0.00039
Exploits 1 · References 1

OSV
added 2024/06/17 8:15 p.m. · 0 views

UBUNTU-CVE-2024-6061

A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this vulnerability is the function isoffin_process of the file src/filters/isoffin_read.c of the component MP4Box. The manipulation leads to infinite loop. It is possible to launch the...

CVSS 5.5 · AI score 4.6 · EPSS 0.00039
Exploits 1 · References 6