CVE-2024-39027

SeaCMS v12.9 exposes an unauthorized SQL injection via the cid parameter at /js/player/dmplayer/dmku/index.php?ac=edit, leading to leakage of sensitive database information. This vulnerability is documented across multiple sources (NVD/Red Hat/CNNVD/CVE records). Affected software is SeaCMS 12.9;...

SUSE-SU-2024:0638-1 Security update for gnutls

This update for gnutls fixes the following issues: - CVE-2024-0567: Fixed an incorrect rejection of certificate chains with distributed trust bsc1218862. - CVE-2024-0553: Fixed a timing attack against the RSA-PSK key exchange, which could lead to the leakage of sensitive data bsc1218865...

CVE-2022-4152 Contest Gallery < 19.1.5 - Author+ SQL Injection

The Contest Gallery WordPress plugin before 19.1.5, Contest Gallery Pro WordPress plugin before 19.1.5 do not escape the optionid POST parameter before concatenating it to an SQL query in edit-options.php. This may allow malicious users with at least author privilege to leak sensitive information...

SUSE-SU-2018:2362-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 GA LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-13053: The alarmtimernsleep function in kernel/time/alarmtimer.c had an integer overflow via a large relative timeout because ktimeaddsafe is not us...

SUSE-SU-2018:2369-1 Security update for the Linux Kernel (Live Patch 36 for SLE 12)

This update for the Linux Kernel 3.12.61-52136 fixes several issues. The following security issues were fixed: - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other...