1051 matches found
CVE-2020-37058 Andrea ST Filters Service 1.0.64.7 - Unquoted service path
Andrea ST Filters Service 1.0.64.7 contains an unquoted service path vulnerability in its Windows service configuration. Local attackers can exploit the unquoted path to inject malicious code that will execute with elevated LocalSystem privileges during service startup...
EUVD-2020-30956
Andrea ST Filters Service 1.0.64.7 contains an unquoted service path vulnerability in its Windows service configuration. Local attackers can exploit the unquoted path to inject malicious code that will execute with elevated LocalSystem privileges during service startup...
CVE-2020-37058
Andrea ST Filters Service 1.0.64.7 contains an unquoted service path vulnerability in its Windows service configuration. Local attackers can exploit the unquoted path to inject malicious code that will execute with elevated LocalSystem privileges during service startup...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37969)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37969 advisory. - In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix possible lockup...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37970)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37970 advisory. - In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix possible lockup...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37857)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37857 advisory. - In the Linux kernel, the following vulnerability has been resolved: scsi: st: Fix array overflow in stsetup...
CVE-2025-29329
Buffer Overflow in the ippprint Internet Printing Protocol service in Sagemcom F@st 3686 MAGYAR4.121.0 allows remote attacker to execute arbitrary code by sending a crafted HTTP request...
CVE-2025-29329
Buffer Overflow in the ippprint Internet Printing Protocol service in Sagemcom F@st 3686 MAGYAR4.121.0 allows remote attacker to execute arbitrary code by sending a crafted HTTP request...
CVE-2025-29329
Buffer Overflow in the ippprint Internet Printing Protocol service in Sagemcom F@st 3686 MAGYAR4.121.0 allows remote attacker to execute arbitrary code by sending a crafted HTTP request...
CVE-2023-43627
Path traversal vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent authenticated attacker to alter critical information such as system files by sending a specially crafted request. They are affected when running in...
CVE-2023-29031
A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992853)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992853 advisory. In the Linux kernel, the following vulnerability has been resolved: nfc: st-nci: Fix use after free bug in ndlcremove due to race condition This bug influences both...
SUSE CVE-2022-50776
In the Linux kernel, the following vulnerability has been resolved: clk: st: Fix memory leak in stofquadfssetup If stclkregisterquadfspll fails, @lock should be freed before goto @errexit, otherwise will cause meory leak issue, fix it...
CVE-2022-50776
CVE-2022-50776: In the Linux kernel, a memory leak in the clk: st subsystem was fixed. Specifically, if st_clk_register_quadfs_pll() fails, the @lock must be freed before jumping to err_exit to avoid leaking memory. The advisory states the issue was resolved in the kernel, but the provided docume...
Malicious code in @ra-ide/st-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49ae7d07061ce406d972052f23649e631bb22f724cd85c8ab0c73b18689ecb36 The package @ra-ide/st-frontend was found to contain malicious code. Source: ossf-package-analysis...
EUVD-2025-198327
Malicious code in @ra-ide/st-frontend npm...
MAL-2025-190595 Malicious code in @ra-ide/st-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49ae7d07061ce406d972052f23649e631bb22f724cd85c8ab0c73b18689ecb36 The package @ra-ide/st-frontend was found to contain malicious code. Source: ossf-package-analysis...
EUVD-2025-143159
Malicious code in budi-st-rusmaya npm...
CVE-2025-11878
The ST Categories Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's st-categories shortcode in versions less than, or equal to, 1.0.0. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
EUVD-2025-35327
The ST Categories Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's st-categories shortcode in versions less than, or equal to, 1.0.0. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...