12 matches found
Astra Linux – Vulnerability in Linux 5.10
A race condition was detected in the Linux kernel’s eBPF verifier between bpf_map_update_elem and bpf_map_freeze, due to a missing lock in the kernel/bpf/syscall.c file. In this flaw, a local user with special privileges (cap_sys_admin or cap_bpf) can modify the frozen mapped address space. This flaw affec...
Chamilo Code Issue Vulnerability
Chamilo is an open-source learning management system developed by Chamilo. Version Chamilo 2.0-RC.2 has code vulnerabilities. These vulnerabilities stem from the fact that the install.ajax.php file can be accessed without authentication. This could allow unauthorized attackers to exploit the SMTP...
CVE-2026-24830
Integer Overflow or Wraparound vulnerability in Ralim IronOS. This issue affects IronOS: before v2.23-rc2...
CVE-2026-22705 RustCrypto: Signatures has timing side-channel in ML-DSA decomposition
RustCrypto: Signatures offers support for digital signatures, which provide authentication of data using public-key cryptography. Prior to version 0.1.0-rc.2, a timing side-channel was discovered in the Decompose algorithm which is used during ML-DSA signing to generate hints for the signature...
Fedora 41 : dotnet10.0 (2025-969f0c8c1e)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-969f0c8c1e advisory. This is the .NET 10 GA update ---- Update .NET 10 to RC 2 Tenable has extracted the preceding description block directly from the Fedora security advisory...
PT-2024-35779 · Sangoma · Asterisk
Name of the Vulnerable Software and Affected Versions: Sangoma Asterisk versions 22.0.0-pre1 through 22.0.0-rc2. Description: The issue is related to the action_listcategories function, which allows attackers to execute a path traversal. This could potentially lead to unauthorized access to...
XWiki Platform Cross-Site Scripting Vulnerability
XWiki Platform is a suite of Wiki platforms for creating web collaboration applications from the XWiki Foundation in France. A cross-site scripting vulnerability exists in XWiki Platform, which stems from. Affected products and versions: XWiki Platform 2.6 RC2 and earlier, 2.7 RC1 and earlier...
Bludit Security Vulnerability
Bludit is an open source lightweight blog content management system (CMS). A security vulnerability exists in Bludit version 4.0.0-rc-2. An attacker can exploit the vulnerability to change the administrator password and elevate privileges via a specially crafted request...
SUSE CVE-2014-5326
Cross-site scripting (XSS) vulnerability in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
GHSA-Q5V2-2V66-6HWM Improper Neutralization of Input During Web Page Generation in Direct Web Remoting
Cross-site scripting (XSS) vulnerability in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
UBUNTU-CVE-2020-14148
The Server-Server protocol implementation in ngIRCd before 26rc2 allows an out-of-bounds access, as demonstrated by the IRC_NJOIN() function...
dotProject cross-site scripting vulnerability
Overview: dotProject, an open source project management tool, contains a cross-site scripting vulnerability. This vulnerability is different from JVN97636431. Impact: An arbitrary script may be executed on the user's web browser. In particular, if session information from a cookie is leaked, sessio...