25 matches found
Revive Adserver: Missing ownership validation allows cross‑manager tracker–campaign linking
A vulnerability was reported in Revive Adserver version 6.0.7 and earlier that allowed a low-privileged user to link their trackers to campaigns owned by other managers on the same instance. This was due to a lack of proper ownership validation in the tracker-campaigns.php script, which handled t...
CVE-2019-25267
Wing FTP Server 6.0.7 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that will be launche...
GHSA-JQMQ-FPWV-P925 Drupal Simple OAuth (OAuth2) & OpenID Connect allows Authentication Bypass
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Simple OAuth OAuth2 & OpenID Connect allows Authentication Bypass. This issue affects Simple OAuth OAuth2 & OpenID Connect: from 6.0.0 before 6.0.7...
EUVD-2025-36872
Drupal Simple OAuth OAuth2 & OpenID Connect allows Authentication Bypass...
CVE-2025-12466
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Simple OAuth OAuth2 & OpenID Connect allows Authentication Bypass. This issue affects Simple OAuth OAuth2 & OpenID Connect: from 6.0.0 before 6.0.7...
September 9, 2025—KB5065427 (OS Build 14393.8422)
September 9, 2025—KB5065427 (OS Build 14393.8422). Windows Secure Boot certificate expiration. Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devices for the...
CVE-2022-36076
NodeBB Forum Software is powered by Node.js and supports either Redis, MongoDB, or a PostgreSQL database. Due to an unnecessarily strict conditional in the code handling the first step of the SSO process, the pre-existing logic that added and later checked a nonce was inadvertently rendered opt-i...
CVE-2024-46489
A remote command execution (RCE) vulnerability in promptr v6.0.7 allows attackers to execute arbitrary commands via a crafted URL...
deepin-reader Security Vulnerabilities
deepin-reader is a small, fast, full-featured document viewing tool open-sourced by Wuhan deepin Technology Co. Versions of deepin-reader before 6.0.7 contain a file overwrite vulnerability, which may lead to remote code execution...
PT-2023-24653 · Spring · Spring Security
Name of the Vulnerable Software and Affected Versions: Spring Security versions prior to 5.8.7; Spring Security versions prior to 6.0.7; Spring Security versions prior to 6.1.4; Spring Security versions prior to 6.2.0-M1. Description: The spring-security.xsd file inside the spring-security-config jar...
SUSE CVE-2018-16858
It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script i...
PT-2022-34875 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.7. Description: A memory leak issue was discovered in the nsim_bus_dev_new function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...
PT-2022-34907 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.7. Description: The issue concerns a memory leak related to Page Table Entries (PTE) in the Linux Kernel. It was introduced in version v5.15 and fixed in version v6.0.7. The actual impact and attack...
PT-2022-34894 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.7. Description: The issue is related to the bpf component, specifically with the decl tag being referenced in func proto. The actual impact and attack plausibility have not yet been proven. Recommendations:...
PT-2022-34915 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.7. Description: The issue is related to memory corruption with too many bridges in the drm/msm/hdmi component. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...
PT-2022-34900 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.7. Description: The issue is related to a potential security vulnerability in the Linux Kernel. It was introduced in version v5.17 and fixed in version v6.0.7. The actual impact and attack plausibility have...
PT-2022-34898 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.7. Description: The issue is related to the addition of atomic check to bridge ops in the drm/msm/dp module. It was introduced in version v5.17 and fixed in version v6.0.7. The actual impact and attack...
PT-2022-34917 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.7. Description: The issue concerns several use-after-free bugs in the fbdev: smscufx component. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...
PT-2022-34919 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.7. Description: A memory leak was discovered in the load_elf_binary function. The issue was introduced in version v5.7 and is fixed in Linux Kernel version v6.0.7. Recommendations: For Linux Kernel versions...
PT-2022-34879 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.7. Description: The issue is related to a possible memory leak in the i2sbus_add_dev function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...