13 matches found
pypdf security vulnerability
pypdf is an open-source, free, and pure Python PDF library developed by py-pdf. It allows for splitting, merging, cropping, and converting pages of PDF files. Prior to version 6.9.2, pypdf had a security vulnerability that could be exploited by attackers to create PDF files that led to infinite...
CVE-2026-33699 pypdf: Possible infinite loop during recovery attempts in DictionaryObject.read_from_stream
pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.2 have a vulnerability in which an attacker can craft a PDF which leads to an infinite loop. This requires reading a file in non-strict mode. This has been fixed in pypdf 6.9.2. If users cannot upgrade yet, consider...
CVE-2026-32523
Unrestricted Upload of File with Dangerous Type vulnerability in denishua WPJAM Basic wpjam-basic allows Using Malicious Files. This issue affects WPJAM Basic: from n/a through <= 6.9.2...
CVE-2026-32523
Unrestricted Upload of File with Dangerous Type vulnerability in denishua WPJAM Basic wpjam-basic allows Using Malicious Files. This issue affects WPJAM Basic: from n/a through <= 6.9.2...
Fedora 43 : wordpress (2026-5774d46593)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5774d46593 advisory. Upstream announcements: WordPress 6.9.2 Release; WordPress 6.9.3 and 7.0 beta 4; WordPress 6.9.4 Release. Tenable has extracted the preceding description...
Fedora 44 : wordpress (2026-bf984d4931)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-bf984d4931 advisory. Upstream announcements: WordPress 6.9.2 Release; WordPress 6.9.3 and 7.0 beta 4; WordPress 6.9.4 Release. Tenable has extracted the preceding description...
WordPress 6.0 < 6.9.2
WordPress versions 6.0 < 6.9.2 are affected by one or more vulnerabilities. The descriptive text and package checks in this plugin were extracted from WordPress Security Advisory wordpress-6-9-2-release...
MiracleLinux 3 : kernel-2.6.18-128.9AXS3 (AXSA:2009-387:10)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-387:10 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security bugs fixed by this release: CVE-2009-2692 The Linux...
Johnson Controls iSTAR Ultra security vulnerability
Johnson Controls iSTAR Ultra is an access controller from Johnson Controls, Inc. It provides network resiliency and faster processing speeds. A security vulnerability exists in Johnson Controls iSTAR Ultra versions 6.9.2 and earlier, which stems from incomplete firmware validation and could lead ...
CVE-2025-46610
ARTEC EMA Mail 6.92 allows CSRF...
AZL-34865 CVE-2023-6111 affecting package kernel for versions less than 6.6.29.1-4
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function nft_trans_gc_catchall did not remove the catchall set element from the catchall_list when the argument sync is true, making it possible to free a...
oniguruma: Use-after-free in onig_new_deluxe() in regext.c
A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte...
Oniguruma Memory Misreference Vulnerability
Oniguruma is a BSD-licensed regular expression library that supports multiple character encodings. A memory misreference vulnerability exists in onig_new_deluxe() in regext.c in Oniguruma 6.9.2, which can be exploited by an attacker to obtain information, execute code, or cause a denial of service by...