1495 matches found
CVE-2024-3976 Missing Authorization in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. It was possible to disclose via the UI the confidential issues title and description from a public project to...
CVE-2024-3051
Malformed Device Reset Locally command classes can be sent to temporarily deny service to an end device. Any frames sent by the end device will not be acknowledged by the gateway during this time...
CVE-2024-30229
Deserialization of Untrusted Data vulnerability in StellarWP GiveWP give.This issue affects GiveWP: from n/a through = 3.4.2...
CVE-2024-56282
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elicus WPMozo Addons Lite for Elementor wpmozo-addons-lite-for-elementor allows PHP Local File Inclusion.This issue affects WPMozo Addons Lite for Elementor: from n/a through =...
CVE-2024-56013
Authentication Bypass Using an Alternate Path or Channel vulnerability in wovax Wovax IDX wovax-idx allows Authentication Bypass.This issue affects Wovax IDX: from n/a through = 1.2.2...
CVE-2024-56064
Unrestricted Upload of File with Dangerous Type vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Upload a Web Shell to a Web Server.This issue affects WP SuperBackup: from n/a through = 2.3.3...
GO-2025-3421 ParsePKCS1PrivateKey panic with partial keys in crypto/x509
Using ParsePKCS1PrivateKey to parse a RSA key that is missing the CRT values would panic when verifying that the key is well formed...
CVE-2025-21548
The CVE-2025-21548 entry concerns Oracle MySQL Connectors (Connector/Python) with affected versions 9.1.0 and prior. The vulnerability enables a high-privileged attacker, with network access via multiple protocols, to compromise MySQL Connectors. Attacks require user interaction from someone othe...
CVE-2025-21660 ksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix unexpectedly changed path in ksmbdvfskernpathlocked When ksmbdvfskernpathlocked met an error and it is not the last entry, it will exit without restoring changed path buffer. But later this buffer may be used as the...
BELL-CVE-2025-21652
Bulletin has no description...
BIT-PYTHON-MIN-2023-6507 Groups not dropped before running subprocess when using empty 'extra_groups' parameter
An issue was found in CPython 3.12.0 subprocess module on POSIX platforms. The issue was fixed in CPython 3.12.1 and does not affect other stable releases. When using the extragroups= parameter with an empty list as a value ie extragroups= the logic regressed to not call setgroups0, NULL before...
CVE-2024-57635
An issue in the chasharray component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57640
An issue in the dcaddint component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
BELL-CVE-2024-49573
Bulletin has no description...
CVE-2024-54731
cpdf through 2.8 allows stack consumption via a crafted PDF document...
OSV-2025-16 UNKNOWN READ in png_free_data
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=386860184 Crash type: UNKNOWN READ Crash state: pngfreedata pngdestroyinfostruct pngdestroyreadstruct...
BELL-CVE-2024-56690
Bulletin has no description...
BELL-CVE-2024-56612
Bulletin has no description...
BELL-CVE-2024-56645
Bulletin has no description...
BELL-CVE-2024-56628
Bulletin has no description...