57 matches found
MINI-RV7F-52HP-67MM
Bulletin has no description...
CVE-2026-42535
A path handling issue in moddavfs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes. Users are recommended to upgrade to version 2.4.68, which fixes this issue...
PT-2026-47313
Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.0 through 2.4.67 Description A Use After Free issue exists in Apache HTTP Server when using mod ldap in per-directory configuration. Use After Free occurs when an application continues to use a pointer after it...
CVE-2026-33006 affecting package httpd for versions less than 2.4.67-1
CVE-2026-33006 affecting package httpd for versions less than 2.4.67-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-26772
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges...
CVE-2025-66420
Tryton sao aka tryton-sao before 7.6.9 allows XSS via an HTML attachment. This is fixed in 7.6.9, 7.4.19, 7.0.38, and 6.0.67...
PT-2025-48197
Name of the Vulnerable Software and Affected Versions XML-Sig versions 0.27 through 0.67 Description The Perl module XML-Sig does not correctly validate XML files when signatures are absent. An attacker can remove a signature from an XML document, causing the verification check to pass incorrectl...
📄 ERPNext 15.67.0 / Frappe 15.72.4 Cross Site Scripting
ERPNext version 15.67.0 and Frappe version 15.72.4 suffer from a persistent cross site scripting vulnerability. CVE-2025-56379 — Stored Cross-Site Scripting XSS in ERPNext 15.67.0 / Frappe 15.72.4 📌 Summary A stored Cross‑Site Scripting XSS vulnerability exists in the Blog module of ERPNext...
CVE-2025-56379
A stored cross-site scripting XSS vulnerability in the blog post feature of ERPNEXT v15.67.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the content field...
CVE-2025-57431
The Sound4 PULSE-ECO AES67 1.22 web-based management interface is vulnerable to Remote Code Execution RCE via a malicious firmware update package. The update mechanism fails to validate the integrity of manual.sh, allowing an attacker to inject arbitrary commands by modifying this script and...
Sound4 PULSE-ECO AES67 安全漏洞
The Sound4 PULSE-ECO AES67 is a radio station audio processing device from Sound4 France. A security vulnerability exists in the Sound4 PULSE-ECO AES67 version 1.22, which stems from a firmware update mechanism that does not validate the integrity of manual.sh, and could lead to remote code...
CVE-2025-54492
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This...
CVE-2025-54492
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This...
CVE-2025-54492
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This...
CVE-2025-54492
A stack-based buffer overflow in The Biosig Project libbiosig 3.9.0 and Master (35a819fa) MFER parsing can be triggered by a crafted MFER file, causing arbitrary code execution. The issue occurs in biosig.c line 9141 on master, when tag==67 (0x43: Sample skew); a local integer skew is overflowed ...
CVE-2025-54492
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This...
Linux Distros Unpatched Vulnerability : CVE-2018-6142
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Array bounds check failure in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file...
Linux Distros Unpatched Vulnerability : CVE-2019-9821
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability can occur in AssertWorkerThread due to a race condition with shared workers. This results in a potentially exploitable crash. Thi...
Linux Distros Unpatched Vulnerability : CVE-2019-11710
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla developers and community members reported memory safety bugs present in Firefox 67. Some of these bugs showed evidence of memory corruption and we presu...
Linux Distros Unpatched Vulnerability : CVE-2019-9820
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This...