2913 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-21061
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Supported versions that are affected are 8.0.35 and prior and 8.2.0...
Linux Distros Unpatched Vulnerability : CVE-2023-4921
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is...
OpenText Advanced Authentication Security Vulnerability
OpenText Advanced Authentication is an advanced authentication framework from OpenText Canada. A security vulnerability exists in OpenText Advanced Authentication version 6.5.0 and earlier, which originates from a malicious browser plug-in that can record and replay the user authentication proces...
Medium: gimp
Issue Overview: A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel (img_bpp), which can result in allocating insufficient memory and...
Amazon Linux 2 : gimp (ALASGIMP-2025-007)
The version of gimp installed on the remote host is prior to 2.8.22-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2GIMP-2025-007 advisory. A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP Despeckle plug-in. The issue occurs due to unchecke...
CVE-2025-7304
IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the...
A vulnerability in the Universal Plug and Play (UPnP) service in Windows operating systems allows attackers to escalate their privileges.
The vulnerability in the Universal Plug and Play (UPnP) service in Windows operating systems is related to the use of insecure mechanisms for processing authentication data in the operating system's memory. Exploiting this vulnerability can allow a remote attacker to escalate their privileges...
A vulnerability in the Universal Plug and Play (UPnP) Device Host Service in Microsoft Windows operating systems allows an attacker to escalate their privileges.
The vulnerability in the Universal Plug and Play (UPnP) Device Host Service in Microsoft Windows operating systems is related to the ability to use freed memory. Exploiting this vulnerability can allow a malicious actor to escalate their privileges remotely...
Security Enclave Architecture for Heterogeneous Security Primitives for Supply-Chain Attacks
Designing secure architectures for system-on-chip (SoC) platforms is a highly intricate and time-intensive task, often requiring months of development and meticulous verification. Even minor architectural oversights can lead to critical vulnerabilities that undermine the security of the entire chip...
DSIC Cross-browser Components for Official Document Creation Security Vulnerability
DSIC Cross-browser Components for Official Document Creation is a browser plug-in from Dewei DSIC Corporation of Taiwan, China. A security vulnerability exists in DSIC Cross-browser Components for Official Document Creation that originates from remote code execution and could lead to the download...
CVE-2025-38302 block: don't use submit_bio_noacct_nocheck in blk_zone_wplug_bio_work
In the Linux kernel, the following vulnerability has been resolved: block: don't use submit_bio_noacct_nocheck in blk_zone_wplug_bio_work Bios queued up in the zone write plug have already gone through all preparation in the submit_bio path, including the freeze protection. Submitting them through...
Jenkins plugin IFTTT Build Notifier Security Vulnerability
Jenkins and Jenkins plugin are both Jenkins open source products. Jenkins is an application software. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying and automating any project. Jenkins plugin is an application software plugin. Jenkins plugin A...
CVE-2025-48821
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network...
CVE-2025-48819
Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network...
CVE-2025-48821 Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability
...
CVE-2025-48819 Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability
...
Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network...
CVE-2025-42952
SAP Business Warehouse and SAP Plug-In Basis allows an authenticated attacker to add fields to arbitrary SAP database tables and/or structures, potentially rendering the system unusable. On successful exploitation, an attacker can render the system unusable by triggering short dumps on login. Thi...