34 matches found
EUVD-2025-209154
XenForo before 2.3.7 allows information disclosure via local account page caching on shared systems. On systems where multiple users share a browser or machine, cached account pages could expose sensitive user information to other local users...
CVE-2025-71280
XenForo before 2.3.7 allows information disclosure via local account page caching on shared systems. On systems where multiple users share a browser or machine, cached account pages could expose sensitive user information to other local users...
CVE-2025-71280
XenForo before 2.3.7 is affected by an information-disclosure vulnerability where local account pages could be cached on shared systems, exposing sensitive user data to other local users. The root cause is local page caching on multi-user machines. Impact is exposure of user information; CVSS met...
CVE-2025-71280 XenForo Local Account Page Caching Information Disclosure
XenForo before 2.3.7 allows information disclosure via local account page caching on shared systems. On systems where multiple users share a browser or machine, cached account pages could expose sensitive user information to other local users...
PT-2026-29416
XenForo before 2.3.7 allows information disclosure via local account page caching on shared systems. On systems where multiple users share a browser or machine, cached account pages could expose sensitive user information to other local users...
XenForo Information Disclosure Vulnerability
XenForo is a forum software developed by the XenForo company. Versions of XenForo prior to 2.3.7 had a vulnerability related to information leakage, which originated from caching of local account pages on shared systems. This vulnerability could potentially lead to sensitive user information bein...
EUVD-2019-9497
Malware in sbrugna...
AZL-40403 CVE-2024-34397 affecting package glib for versions less than 2.71.0-7
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based...
DEBIAN-CVE-2024-34397
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based...
Denial of Service (DoS)
nethack is vulnerable to Denial of Service (DoS). The vulnerability exists in the NetHack installed suid/sgid and shared systems, which allows an attacker to provide malicious input to the "C" call command, leading to an application crash...
DEBIAN-CVE-2023-24809
NetHack is a single player dungeon exploration game. Starting with version 3.6.2 and prior to version 3.6.7, illegal input to the "C" call command can cause a buffer overflow and crash the NetHack process. This vulnerability may be a security issue for systems that have NetHack installed suid/sgi...
CVE-2023-24809
NetHack is a single player dungeon exploration game. Starting with version 3.6.2 and prior to version 3.6.7, illegal input to the "C" call command can cause a buffer overflow and crash the NetHack process. This vulnerability may be a security issue for systems that have NetHack installed suid/sgi...
CVE-2023-24809 NetHack Call command buffer overflow
NetHack is a single player dungeon exploration game. Starting with version 3.6.2 and prior to version 3.6.7, illegal input to the "C" call command can cause a buffer overflow and crash the NetHack process. This vulnerability may be a security issue for systems that have NetHack installed suid/sgi...
Insecure Cryptography
node uses an insecure cryptographic configuration. The vulnerability exists in opensslcommon.gypi because the default openssl.cnf directory on Linux is not configured properly, which allows an attacker to create new files on shared systems...
CVE-2022-32222
A vulnerability was found in NodeJS. The issue occurs when Node.js starts on Linux-based systems and attempts to read /home/iojs/build/ws/out/Release/obj.target/deps/openssl/openssl.cnf, which ordinarily does not exist. This flaw allows an attacker on some shared systems to create this file and...
Node.js Code Issue Vulnerability
Node.js is an open source, cross-platform JavaScript runtime environment. Node.js suffers from a code issue vulnerability that stems from the fact that it attempts to read the normally non-existent /home/iojs/build/ws/out/Release/obj.target/deps/openssl/openssl.cnf file, which could be created by...
Avaya IP Office 11 Insecure Transit / Password Disclosure Vulnerability
Avaya IP Office versions 9.1.8.0 through 11 suffer from an insecure transit vulnerability that allows for password disclosure. + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...
DEBIAN-CVE-2020-5211
In NetHack before 3.6.5, an invalid extended command in value for the AUTOCOMPLETE configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems...