33 matches found
PT-2024-11774 · Fdupes +1 · Fdupes +1
Name of the Vulnerable Software and Affected Versions: FDUPES versions prior to 2.2.0
Description: A TOCTOU race condition in the deletefiles function allows for arbitrary file deletion via a symlink.
Recommendations: For FDUPES versions prior to 2.2.0, update to version 2.2.0 or later to resolve...
CVE-2023-45003
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Arrow Plugins Social Feed | Custom Feed for Social Media Networks plugin = 2.2.0 versions...
CVE-2023-38679
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 All versions V2201.0008, Tecnomatix Plant Simulation V2302 All versions V2302.0002. The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. Thi...
SUSE CVE-2017-14988
Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe tha...
SUSE CVE-2018-9259
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the MP4 dissector could crash. This was addressed in epan/dissectors/file-mp4.c by restricting the box recursion depth...
PT-2022-35693 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.220
Description: A potential security issue has been identified in the Linux Kernel, related to the cpuinfo module. The actual impact and attack plausibility have not yet been proven.
Recommendations: For...
GHSA-JQWH-JRPG-5J3H Jenkins Favorite Plugin vulnerable to Cross-Site Request Forgery
Jenkins Favorite Plugin version 2.2.0 and older is vulnerable to CSRF resulting in data modification...
xxl-job cross-site scripting vulnerability
xxl-job is a distributed task scheduling platform with core design goals of rapid development, simple learning, lightweight, and easy scalability. xxl-job 2.2.0 suffers from a cross-site scripting vulnerability that can be exploited to inject arbitrary Web script or HTML via the AppName and...
Code Execution Vulnerability in LeShang Mall System v2.2.0
LeShang mall system is a free, open-source professional mall system developed with THINKPHP5.0 as its core. A code execution vulnerability exists in LeShang Mall System v2.2.0. An attacker can exploit the vulnerability to write arbitrary files and gain server privileges...
Wireshark Denial of Service Vulnerability (CNVD-2018-07444)
Wireshark (formerly Ethereal) is a suite of network packet analysis software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. The LWAPP dissector is one of its lightweight access point protocol parsers. A security...
CVE-2016-8300
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Product / Instrument Search). Supported versions that are affected are 2.0.1, 2.2.0 and 12.0.1. Difficult to exploit vulnerability allows low privileged attacker with network acce...
CVE-2016-8298
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Product / Instrument Search). Supported versions that are affected are 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with network access...
CVE-2016-4179
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172,...