19 matches found
PT-2026-50925
Name of the Vulnerable Software and Affected Versions: PhpWeasyPrint versions prior to 2.6.0 Description: PhpWeasyPrint is a PHP library used for generating PDFs from HTML pages or URLs. The AbstractGenerator::$temporaryFiles public array allows any code with a reference to a generator instance to...
OpenClaude Security Vulnerability
OpenClaude is an open-source coding assistant CLI developed by Gitlawb. Versions of OpenClaude prior to 0.5.1 contained security vulnerabilities. These vulnerabilities were due to logical flaws in the conditional order logic within the MCP authentication process, allowing attackers to completely...
ABB Ability OPTIMAX
SUMMARY ABB became aware of a severe vulnerability in the product versions listed as affected in the advisory, if the optional integration with Azure Active Directory for Single-Sign On is enabled. We have not received any reports of this vulnerability being exploited. An attacker who...
CVE-2023-29656
An improper authorization vulnerability in Darktrace mobile app Android prior to version 6.0.15 allows disabled and low-privilege users to control "antigena" actions (block/unblock traffic) from the mobile application. This vulnerability could create a "shutdown", blocking all ingress or egress...
DEBIAN-CVE-2023-53755
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: check for null desc before calling pt_cmd_callback Resolves a panic that can occur on AMD systems, typically during host shutdown, after the PTDMA driver had been exercised. The issue was the pt_issue_pending functi...
EUVD-2019-11979
Malware in sbrugna...
EUVD-2021-30402
Malicious code in bioql PyPI...
PT-2025-22271
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns a couple of races in MNT_TREE_BENEATH handling by do_move_mount. Normally, do_lock_mount locks a mountpoint pinned by the path, but in the 'beneath' case, the object...
CVE-2025-21105
Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged malicious user with local access could potentially exploit this vulnerability by running the specific binary and perform any administrative action permitted by it resulting in shutting down t...
PT-2024-37869 · Connex · Connex
Name of the Vulnerable Software and Affected Versions: Connex health portal versions prior to 8/30/2024 Description: The issue concerns SQL injection vulnerabilities that could allow an unauthenticated attacker to gain unauthorized access to the Connex portal's database. An attacker could submit ...
SUSE CVE-2020-14385
A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown, or otherwise rendered inaccessible until it is...
Security Vulnerabilities fixed in Thunderbird 91.6 — Mozilla
A Time-of-Check Time-of-Use bug existed in the Maintenance Updater Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access. This bug only affects Thunderbird on Windows. Other operating systems are unaffected. If a...
OTRS AG OTRS Input Validation Error Vulnerability
OTRS is a service management software application from the German company OTRS AG. An input validation error vulnerability exists in OTRS that arises from the system not properly validating incoming data. An attacker placing a specially crafted URL in the body of an email message could...
SAP Netweaver Authorization Issue Vulnerability
SAP Netweaver is a service-oriented integrated application platform from the German company SAP. The platform provides a development and runtime environment for SAP applications. An authorization issue vulnerability exists in SAP Netweaver AS JAVA P2P Cluster Communication versions 7.11,...
The vulnerability of the `var_NetworkSettingDhcpSvrRoute` function in the Moxa EDR-810 industrial router’s software allows an attacker to trigger an emergency shutdown of the device.
The vulnerability of the `var_NetworkSettingDhcpSvrRoute` function in the Moxa EDR-810 industrial router’s microprogramming system is related to the lack of input data verification when accessing by using the OID identifier index. Exploiting this vulnerability can allow a malicious actor to trigger ...
Schneider Electric Floating License Manager ICSA-19-192-07 Multiple Security Vulnerabilities
Description Schneider Electric Floating License Manager is prone to multiple security vulnerabilities. Attackers can exploit these issues to shut down the affected device, denying service to legitimate users. Floating License Manager version 2.3.0.0 and prior are vulnerable. Technologies Affected...
PT-2017-16333 · Sendquick +1 · Sendquick Entera +1
Name of the Vulnerable Software and Affected Versions: SendQuick Entera versions prior to 2HF16 Avera versions prior to 2HF16 Description: An issue was discovered where the application failed to check the access control of the request, which could result in an attacker being able to shutdown the...
The vulnerability of the MySQL database management system allows a hacker to cause a service failure.
The vulnerability of the Server sub-component in the MySQL database management system is related to errors in the code. Exploiting this vulnerability can allow an attacker, operating remotely, to cause the operating system to become unresponsive, or in rare cases, to cause an emergency shutdown...
MS01-046: IrDA Driver Malformed Packet Remote DoS (252795)
The hotfix for the 'IrDA access violation patch' problem has not been applied. This vulnerability can allow an attacker who is physically near the W2K host to shut it down using a remote control. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10734;...