150 matches found
CVE-2025-42978
The widely used component that establishes outbound TLS connections in SAP NetWeaver Application Server Java does not reliably match the hostname that is used for the connection against the wildcard hostname defined in the received certificate of remote TLS server. This might lead to the outbound...
CVE-2025-49727 Win32k Elevation of Privilege Vulnerability
...
CVE-2025-49760 Windows Storage Spoofing Vulnerability
...
CVE-2025-47977 Nuance Digital Engagement Platform Spoofing Vulnerability
...
CVE-2025-29828
CVE-2025-29828 (Windows Schannel Remote Code Execution) affects Windows Cryptographic Services. Description confirms missing release of memory after effective lifetime, enabling a remote attacker to execute code over a network. CVSS 3.1/3.1.0 base 8.1 (High) with network vector, no user interacti...
CVE-2025-5267
A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page. This vulnerability was fixed in Firefox 139, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11...
CVE-2024-32097
Cross-Site Request Forgery CSRF vulnerability in Eyal Fitoussi GEO my WordPress.This issue affects GEO my WordPress: from n/a through 4.1...
CVE-2024-32822
Missing Authorization vulnerability in impleCode Reviews Plus.This issue affects Reviews Plus: from n/a through 1.3.4...
CVE-2024-0710
The GP Unique ID plugin for WordPress is vulnerable to Unique ID Modification in all versions up to, and including, 1.5.5. This is due to insufficient input validation. This makes it possible for unauthenticated attackers to tamper with the generation of a unique ID on a form submission and repla...
CVE-2023-38544
A logged in user can modify specific files that may lead to unauthorized changes in system-wide configuration settings. This vulnerability could be exploited to compromise the integrity and security of the network on the affected system...
CVE-2019-10928
A vulnerability has been identified in SCALANCE SC-600 V2.0. An authenticated attacker with access to port 22/tcp as well as physical access to an affected device may trigger the device to allow execution of arbitrary commands. The security vulnerability could be exploited by an authenticated...
CVE-2025-29813 Azure DevOps Elevation of Privilege Vulnerability
...
CVE-2025-21581
CVE-2025-21581 affects Oracle MySQL Server (component: Server: Optimizer). Affected versions are 8.0.0–8.0.41, 8.4.0–8.4.4, and 9.0.0–9.2.0. The vulnerability is exploitable over the network with high privileges and can cause a hang or a frequently repeating crash (complete DoS) of MySQL Server. ...
GHSA-FMJ5-WV96-R2CH vulnerabilities
Vulnerabilities for packages: hadoop-fips...
curl: Double free caused by mqtt_doing()
mqttdoing lib/mqtt.c causes a double free under certain conditions. The conditions are 1 an mqttsend is unable to send its entire buffer at one time; and 2 the next call to mqttsend fails. The bug arises because mqttdoing frees the pointer mq-sendleftovers without nulling it line 755. Source belo...
CVE-2025-27595
CVE-2025-27595 concerns SICK DL100-2xxxxxxx devices where a weak password hash algorithm is used. The vulnerability allows an attacker to derive a matching password due to the weak hashing, impacting confidentiality, integrity, and availability. The CVSS 3.1 score is 9.8 (Network attack, no user ...
CVE-2025-25244
SAP Business Warehouse Process Chains allows an attacker to manipulate the process execution due to missing authorization check. An attacker with display authorization for the process chain object could set one or all processes to be skipped. This means corresponding activities, such as data...
DLA-4079-1 openvpn - security update
Bulletin has no description...
Linux Distros Unpatched Vulnerability : CVE-2012-3143
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and...
GHSA-QP3J-RXH4-Q4H8 vulnerabilities
Vulnerabilities for packages: firefox...