65 matches found
CVE-2026-43040
A flaw was found in the Linux kernel. When processing Router Advertisements with user options, the nduseroptmsg structure's padding fields are not properly zeroed. This oversight can lead to an information leak, potentially exposing sensitive kernel data. A remote attacker could exploit this to...
EUVD-2026-26639
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ndisc: fix ndiscrauseropt to initialize nduseroptpadX fields to zero to prevent an info-leak When processing Router Advertisements with user options the kernel builds an RTMNEWNDUSEROPT netlink message. The nduseroptms...
CVE-2025-68764
CVE-2025-68764 : The OSV entry confirms a Linux kernel fix for NFS automounts not inheriting user-specified mount flags (ro, noexec, nodev, sync). Root cause: during automount, the superblock options were not preserved; fix ensures these mount options propagate to the automounted filesystem. Impa...
Regular Expression Denial Of Service (ReDoS)
Yarn is vulnerable to Regular Expression Denial Of Service ReDoS. The vulnerability is due to improper handling of user-controlled options in the setOptions function, which allows a local attacker to supply crafted input that triggers excessive regular expression processing and causes a denial of...
CVE-2022-29287
Kentico CMS before 13.0.66 has an Insecure Direct Object Reference vulnerability. It allows an attacker with user management rights default is Administrator to export the user options of any user, even ones with higher privileges like Global Administrators than the current user. The exported XML...
CVE-2023-1714
CVE-2023-1714 affects Bitrix24 22.0.300; the vulnerability is an unsafe variable extraction in bitrix/modules/main/classes/general/user_options.php, enabling remote authenticated attackers to execute arbitrary code via (1) appending content to existing PHP files or (2) PHAR deserialization. Conne...
PT-2023-6687
Name of the Vulnerable Software and Affected Versions Bitrix24 version 22.0.300 Description An unsafe variable extraction issue exists in the bitrix/modules/main/classes/general/user options.php file. This allows remote authenticated attackers to execute arbitrary code through two methods:...
Chaos - Origin IP Scanning Utility Developed With ChatGPT
chaos is an 'origin' IP scanner developed by RST in collaboration with ChatGPT. It is a niche utility with an intended audience of mostly penetration testers and bug hunters. An origin-IP is a term-of-art expression describing the final public IP destination for websites that are publicly served...
SUSE CVE-2018-5950
Cross-site scripting XSS vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL...
CVE-2022-29287
Kentico CMS before 13.0.66 has an Insecure Direct Object Reference vulnerability. It allows an attacker with user management rights default is Administrator to export the user options of any user, even ones with higher privileges like Global Administrators than the current user. The exported XML...
CVE-2022-29287
Kentico CMS before 13.0.66 has an Insecure Direct Object Reference vulnerability. It allows an attacker with user management rights default is Administrator to export the user options of any user, even ones with higher privileges like Global Administrators than the current user. The exported XML...
Kentico CMS has an unspecified vulnerability
Kentico is the United States Kentico company's set of ASP.NET-based content management system CMS. A security vulnerability exists in Kentico CMS before 13.0.66, which can be exploited by an attacker with user administrative privileges administrator by default to export any user's user options,...
Kentico 安全漏洞
Kentico is the United States Kentico company's set of ASP.NET-based content management system CMS. A security vulnerability exists in Kentico CMS before 13.0.66, which can be exploited by an attacker with user administrative privileges administrator by default to export any user's user options,...
CentOS 7 : mailman (RHSA-2021:4913)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4913 advisory. - Cross-site request forgery CSRF vulnerability in the user options page in GNU Mailman 2.1.x before 2.1.23 allows remote attackers to hijack the...
RHEL 7 : mailman (RHSA-2021:4913)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4913 advisory. Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks...
mailman security update
CentOS Errata and Security Advisory CESA-2021:4913 An update for mailman is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
mailman: CSRF protection missing in the user options page
Cross-site request forgery CSRF vulnerability in the user options page in GNU Mailman 2.1.x before 2.1.23 allows remote attackers to hijack the authentication of arbitrary users for requests that modify an option, as demonstrated by gaining access to the credentials of a victim's account...
Cross-site Scripting (XSS)
mailman:bionic is vulnerable to cross-site scripting XSS attacks. A crafted URL to the user options page in Cgi/options.py results in arbitrary JavaScript executions...
Security fix for the ALT Linux 9 package mailman version 5:2.1.36-alt1
Nov. 13, 2021 Konstantin Lepikhov 5:2.1.36-alt1 - Updated to 2.1.36. - Security fixes: + CVE-2021-43331: A potential XSS attack via the user options. + CVE-2021-43332: A potential for for a list moderator to carry out an off-line brute force attack to obtain the list admin password...
Cross site scripting
In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS...