CVE-2024-3148 DedeCMS makehtml_archives_action.php sql injection
A vulnerability, which was classified as critical, has been found in DedeCMS 5.7.112. This issue affects some unknown processing of the file dede/makehtml_archives_action.php. The manipulation leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public...
The vulnerability of the macsec_add_dev() function in the drivers/net/macsec.c module of the Linux kernel allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the macsec_add_dev() function in the drivers/net/macsec.c module of the Linux kernel is related to the repeated release of memory. Exploiting this vulnerability could allow a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures...
The vulnerability of the _bfd_elf_slurp_version_tables function in the elf.c component of the GNU Binutils development environment allows a hacker to induce a service failure.
The vulnerability of the _bfd_elf_slurp_version_tables function in the elf.c component of the GNU Binutils development environment is related to the allocation of unlimited memory. Exploiting this vulnerability allows a remote attacker to cause a service failure...
CVE-2023-43700
Missing Authorization in RDT400 in SICK APU allows an unprivileged remote attacker to modify data via HTTP requests that do not require authentication...
CVE-2023-42387
An issue in TDSQL Chitu management platform v.10.3.19.5.0 allows a remote attacker to obtain sensitive information via getdbinfo function in install.php...
CVE-2023-3231
A vulnerability has been found in UJCMS up to 6.0.2 and classified as problematic. This vulnerability affects unknown code of the component ZIP Package Handler. The manipulation of the argument dir leads to information disclosure. The attack can be initiated remotely. The complexity of an attack ...
The vulnerability of the rl_safe_eval() function in the ReportLab library allows a hacker to bypass security restrictions and execute arbitrary code.
The vulnerability of the rl_safe_eval() function in the ReportLab library is related to improper code generation. Exploiting this vulnerability could allow a remote attacker to bypass security restrictions and execute arbitrary code...
CVE-2023-2411
A vulnerability was found in SourceCodester AC Repair and Services System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/inquiries/viewinquiry.php. The manipulation of the argument id leads to SQL injection. The attack may be initiated remotely. The...
The vulnerability of the `undo_mark_statuses_as_sensitive` method (app/services/approve_appeal_service.rb) in the web application for deploying distributed social networks like Mastodon allows a violator to gain unauthorized access to protected information.
The vulnerability of the `undo_mark_statuses_as_sensitive` method (app/services/approve_appeal_service.rb) in the web application for deploying distributed social networks like Mastodon is related to insufficient protection of sensitive data. Exploiting this vulnerability could allow an attacker, operating...
SUSE CVE-2006-2444
The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees of previously-freed memory...
SUSE CVE-2008-4360
mod_userdir in lighttpd before 1.4.20, when a case-insensitive operating system or filesystem is used, performs case-sensitive comparisons on filename components in configuration options, which might allow remote attackers to bypass intended access restrictions, as demonstrated by a request for a...
SUSE CVE-2011-3368
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to...
SUSE CVE-2014-3570
The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to...
SUSE CVE-2015-0206
Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate records for the next epoch, leading to failure of replay detection...
The vulnerability of the `git_delta_apply` function in the `delta.c` component of the Git methods implementation in the C language, Libgit2, allows an attacker to trigger a service failure.
The vulnerability of the `git_delta_apply` function in the `delta.c` component of the Git methods implementation in the C language, part of Libgit2, relates to reading data beyond the allowable buffer size. Exploiting this vulnerability allows an attacker to trigger a service failure remotely...
CVE-2014-125020
A vulnerability has been found in FFmpeg 2.0 and classified as critical. This vulnerability affects the function decode_update_thread_context. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue...
The vulnerability of the wrap_nettle_hash_fast() function implementation in the GnuTLS cryptographic library allows an attacker to trigger a denial-of-service attack.
The vulnerability of the wrap_nettle_hash_fast() function implementation in the GnuTLS cryptographic library is related to pointer arithmetic errors. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the Media_RewriteODFrame function in the MP4Box command of the GPAC multimedia platform allows a hacker to cause a service failure.
The vulnerability of the Media_RewriteODFrame function in the MP4Box module of the GPAC multimedia platform is related to pointer assignment errors. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created file...
CVE-2022-23986
SQL injection vulnerability in the phpUploader v1.2 and earlier allows a remote unauthenticated attacker to obtain the information in the database via unspecified vectors...
The vulnerabilities of the functions rx_cache_find() and rx_cache_insert() in the packet capture and analysis utility tcpdump allow a hacker to induce a service failure.
The vulnerability of the functions rx_cache_find() and rx_cache_insert() in the tcpdump utility for capturing and analyzing network traffic involves reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...