20 matches found
CVE-2026-37589
SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/maintenance/managestorageunit.php...
CVE-2025-14515
A vulnerability has been found in Campcodes Supplier Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/addunit.php. Such manipulation of the argument txtunitDetails leads to sql injection. The attack can be launched remotely. The exploit has been...
CVE-2025-13259
A flaw has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /manufacturer/editunit.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...
CVE-2025-13259
A flaw has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /manufacturer/editunit.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...
CVE-2025-34135 Nagios XI < 2024R1.4.2 Overly Permissive Permissions on Systemd Unit Files
Nagios XI versions prior to 2024R1.4.2 configure some systemd unit files with permission sets that were too permissive. In particular, the nagios.service unit had executable permissions that were not required. Overly permissive permissions on service unit files can broaden local attack surface by...
Nagios XI 安全漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2024R1.4.2, which stems from overly lax...
EUVD-2017-3180
Malware in sbrugna...
CVE-2015-8222
The lxd-unix.socket systemd unit file in the Ubuntu lxd package before 0.20-0ubuntu4.1 uses world-readable permissions for /var/lib/lxd/unix.socket, which allows local users to gain privileges via unspecified vectors...
OPENSUSE-SU-2024:0194-2 Security update for keybase-client
This update for keybase-client fixes the following issues: Update to version 6.2.8 Update client CA Fix incomplete locking in config file handling. - Update the Image dependency to address CVE-2023-29408 / boo1213928. This is done via the new update-image-tiff.patch. - Limit parallel test executi...
PT-2024-24323 · Unknown · Sonic Shopfloor.Guide
Name of the Vulnerable Software and Affected Versions: Sonic Shopfloor.guide versions prior to 3.1.3 Description: A SQL injection issue in unit.php allows remote attackers to execute arbitrary SQL commands via the level2 parameter. This enables attackers to manipulate database queries, potentiall...
Exploit for Incorrect Authorization in Polkit_Project Polkit
PolicyKit CVE-2021-3560 Exploit Authentication Agent ====...
systemd/fuzz-unit-file: Use-of-uninitialized-value in streq_ptr
Project: https://github.com/systemd/systemd.git Detailed report: https://oss-fuzz.com/testcase?key=4908210742886400 Project: systemd Fuzzer: libFuzzersystemdfuzz-unit-file Fuzz target binary: fuzz-unit-file Job Type: libfuzzermsansystemd Platform Id: linux Crash Type: Use-of-uninitialized-value...
systemd/fuzz-unit-file: Use-of-uninitialized-value in streq_ptr
Project: https://github.com/systemd/systemd.git Detailed report: https://oss-fuzz.com/testcase?key=5106486364602368 Project: systemd Fuzzer: libFuzzersystemdfuzz-unit-file Fuzz target binary: fuzz-unit-file Job Type: libfuzzermsansystemd Platform Id: linux Crash Type: Use-of-uninitialized-value...
systemd/fuzz-unit-file: Use-of-uninitialized-value in streq_ptr
Project: https://github.com/systemd/systemd.git Detailed report: https://oss-fuzz.com/testcase?key=6015289054461952 Project: systemd Fuzzer: libFuzzersystemdfuzz-unit-file Fuzz target binary: fuzz-unit-file Job Type: libfuzzermsansystemd Platform Id: linux Crash Type: Use-of-uninitialized-value...
systemd/fuzz-unit-file: Use-of-uninitialized-value in unit_name_is_valid
Project: https://github.com/systemd/systemd.git Detailed report: https://oss-fuzz.com/testcase?key=4923037330702336 Project: systemd Fuzzer: libFuzzersystemdfuzz-unit-file Fuzz target binary: fuzz-unit-file Job Type: libfuzzermsansystemd Platform Id: linux Crash Type: Use-of-uninitialized-value...
systemd/fuzz-unit-file: Use-of-uninitialized-value in streq_ptr
Project: https://github.com/systemd/systemd.git Detailed report: https://oss-fuzz.com/testcase?key=5646670466383872 Project: systemd Fuzzer: libFuzzersystemdfuzz-unit-file Fuzz target binary: fuzz-unit-file Job Type: libfuzzermsansystemd Platform Id: linux Crash Type: Use-of-uninitialized-value...
tigervnc and fltk security, bug fix, and enhancement update
fltk 1.3.4-1 - Re-base to 1.3.4 + sync with Fedora tigervnc 1.8.0-1 - Update to 1.8.0 Resolves: bz1388620 1.7.90-2 - Make RandR callbacks optional Resolves: bz1444948 1.7.90-1 - Update to 1.7.90 Resolves: bz1388620 1.7.1-3 - Delete underlying ssecurity in SSecurityVeNCrypt CCVE-2017-7392 Resolves...
Fedora 26 : tigervnc (2017-2d0066d567)
Security fix for CVE-2017-7392 CVE-2017-7393 CVE-2017-7394 CVE-2017-7395 CVE-2017-7396. Add systemd unit file for Xvnc. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...
Code injection
The lxd-unix.socket systemd unit file in the Ubuntu lxd package before 0.20-0ubuntu4.1 uses world-readable permissions for /var/lib/lxd/unix.socket, which allows local users to gain privileges via unspecified vectors...
CVE-2015-8222
The CVE-2015-8222 issue affects the Ubuntu lxd package prior to 0.20-0ubuntu4.1. The lxd-unix.socket systemd unit file assigns world-readable permissions to /var/lib/lxd/unix.socket, enabling local users to gain privileges via unspecified vectors. This is evidenced in multiple sources (Ubuntu/Deb...