540 matches found
CVE-2025-8844
NASM Netwide Assembler 2.17rc0 contains a vulnerability in parse_smacro_template (preproc.c) that triggers a null pointer dereference. The issue requires local access to exploit, and the exploit has been disclosed publicly. Technical details regarding affected versions beyond 2.17rc0 or remediati...
CVE-2025-8842
A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function dodirective of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used...
DEBIAN-CVE-2025-8842
A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function dodirective of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used...
UBUNTU-CVE-2025-8842
A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function dodirective of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used...
CVE-2025-8842 NASM Netwide Assember preproc.c do_directive use after free
A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function dodirective of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used...
CVE-2025-8842 NASM Netwide Assember preproc.c do_directive use after free
A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function dodirective of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used...
CVE-2025-8842
A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function dodirective of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used...
CVE-2025-8842
CVE-2025-8842 affects NASM Netwide Assembler 2.17rc0, specifically the do_directive function in preproc.c. The issue is a use-after-free vulnerability that requires local access to exploit. The public exploit is noted in the sources. The connected documents confirm the vulnerability’s existence a...
Linux Distros Unpatched Vulnerability : CVE-2023-49558
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expandmmacparams function in the modules/preprocs/nasm/nasm-pp.c...
NASM Netwide Assember 安全漏洞
NASM Netwide Assember is an assembler and disassembler from the NASM team. A security vulnerability exists in NASM Netwide Assember version 2.17rc0, which stems from a post-release reuse issue in the function dodirective in the file preproc.c. The vulnerability is caused by the use of the functio...
Linux Distros Unpatched Vulnerability : CVE-2023-49555
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expandsmacro function in the modules/preprocs/nasm/nasm-pp.c...
CVE-2012-10047
Cyclope Employee Surveillance Solution versions 6.x are vulnerable to a SQL injection flaw in its login mechanism. The username parameter in the auth-login POST request is not properly sanitized, allowing attackers to inject arbitrary SQL statements. This can be leveraged to write and execute a...
Linux Distros Unpatched Vulnerability : CVE-2023-49554
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use After Free vulnerability in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the dodirective function in the...
Template Injection
Overview MindsDB is a MindsDB server, provides server capabilities to mindsdb native python library Affected versions of this package are vulnerable to Template Injection in the prepareprompts function, which allows the ContextualPreprocessor template to be corrupted. Note: Code injection is not...
SUSE-SU-2025:20394-1 Security update for less
This update for less fixes the following issues: - Updated to version 668 Fixed crash when using --header on command line Fixed possible crash when scrolling left/right or toggling -S Fixed bug when using stop in a lesskey file Fixed bug when using --shift or --match-shift on command line with a...
PHP Exec, PHP Command Shell, Bind TCP (via perl) IPv6
Execute a PHP payload from a command. Listen for a connection and spawn a command shell via perl persistent over IPv6 Module Options msf use payload/cmd/unix/php/bindperlipv6 msf payloadbindperlipv6 show actions ...actions... msf payloadbindperlipv6 set ACTION msf payloadbindperlipv6 show options...
A memory leak issue discovered in YASM v.1.3.0 allows a local attacker to cause a denial of service via the new_Token function in the modules/preprocs/nasm/nasm-pp:1512.
...
CVE-2023-20270
A vulnerability in the interaction between the Server Message Block SMB protocol preprocessor and the Snort 3 detection engine for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service DoS conditi...
CVE-2021-20076
Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution RCE on the Tenable.sc server via Hypertext Preprocessor unserialization...
WordPress Pet World theme <= 2.8 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Pet World versions = 2.8...