24 matches found
CVE-2023-43645
OpenFGA is an authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA is vulnerable to a denial of service attack when certain Check calls are executed against authorization models that contain circular relationship definitions. When the call is made, it's...
Fedora 41 : runc (2025-c2fa2eb17c)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-c2fa2eb17c advisory. Update to release v1.3.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Fedora 42 : runc (2025-c4d00e29b7)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-c4d00e29b7 advisory. Update to release v1.3.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Fedora 44 : runc (2025-0022827a20)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-0022827a20 advisory. Automatic update for runc-1.3.2-1.fc44. Changelog Tue Oct 7 2025 Bradley G Smith - 2:1.3.2-1 - Update to release v1.3.2 - Resolves: rhbz2399284,...
PT-2025-36208
Name of the Vulnerable Software and Affected Versions: Simasicher SimaCookie versions through 1.3.2 Description: A Cross-Site Request Forgery (CSRF) vulnerability exists in Simasicher SimaCookie, which also allows Stored Cross-Site Scripting (XSS). Recommendations: At the moment, there is no...
CVE-2024-27574
SQL Injection vulnerability in Trainme Academy version Ichin v.1.3.2 allows a remote attacker to obtain sensitive information via the informacion, idcurso, and tit parameters...
GHSA-2HM9-H873-PGQH OpenFGA Vulnerable to DoS from circular relationship definitions
Overview OpenFGA is vulnerable to a DoS attack when certain Check calls are executed against authorization models that contain circular relationship definitions. When the call is made, it's possible for the server to exhaust resources and die. Am I Affected? Yes, if your store contains an...
OpenFGA Vulnerable to DoS from circular relationship definitions
Overview OpenFGA is vulnerable to a DoS attack when certain Check calls are executed against authorization models that contain circular relationship definitions. When the call is made, it's possible for the server to exhaust resources and die. Am I Affected? Yes, if your store contains an...
CVE-2023-43645 Denial of service from circular relationship definitions in OpenFGA
OpenFGA is an authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA is vulnerable to a denial of service attack when certain Check calls are executed against authorization models that contain circular relationship definitions. When the call is made, it's...
CVE-2023-27602
In Apache Linkis <=1.3.1, the PublicService module uploads files without restrictions on the path to the uploaded files, and file types. We recommend users upgrade the version of Linkis to version 1.3.2. For versions <=1.3.1, we suggest turning on the file path check switch in linkis.properties...
CVE-2021-21305
CarrierWave is an open-source RubyGem which provides a simple and flexible way to upload files from Ruby applications. In CarrierWave before versions 1.3.2 and 2.1.1, there is a code injection vulnerability. The "manipulate!" method inappropriately evals the content of mutation option:read/:write...
Cross site scripting
In PrivateBin versions 1.2.0 before 1.2.2, and 1.3.0 before 1.3.2, a persistent XSS attack is possible. Under certain conditions, a user-provided attachment file name can inject HTML leading to a persistent Cross-site scripting (XSS) vulnerability. The vulnerability has been fixed in PrivateBin...
SQL injection
A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php...
CVE-2019-1000010
Summary (CVE-2019-1000010): phpIPAM versions 1.3.2 and earlier contain a Cross Site Scripting (XSS) vulnerability in the subnet-scan-telnet.php component. The issue allows an attacker to craft a link that, when visited by a user, can execute code in the victim’s browser. The vulnerability’s impac...
Design/Logic Flaw
An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file...
CVE-2017-1000053
Elixir Plug prior to v1.0.4, v1.1.7, v1.2.3, and v1.3.2 is vulnerable to arbitrary code execution via deserialization in Plug.Session. The issue stems from the deserialization functions of Plug.Session, per CVE-2017-1000053. NVD notes a base score of 6.8 (MEDIUM) under CVSS2 and 8.1 (HIGH) under ...
FdScript <= 1.3.2 (download.php) Remote File Disclosure Vulnerability
No description provided by source. Title : FdScript <= v1.3.2 Remote File Disclosure Vulnerability Author : ajann Contact : : Site : http://stud.usv.ro/vladl/ $$ : Free SOURCE--------------------------------------------------------- http://target/path//download.php?fname=SOURCE FILE Example:...
CMSQLITE 1.3.2 - Multiple Vulnerabilities
No description provided by source. Title: ====== CMSQLITE v1.3.2 - Multiple Web Vulnerabilities Date: ===== 2012-10-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=726 VL-ID: ===== 726 Common Vulnerability Scoring System: ==================================== 4.3...
Forest Blog 1.3.2 (blog.mdb) Remote Database Disclosure Vulnerability
No description provided by source. ============= Forest Blog v1.3.2 blog.mdb Remote Database Disclosure Vulnerability author : Cold z3ro, www.hackteach.org http://site.com/Path/blog.mdb Dork : Powered By: Forest Blog v1.3.2 ============= milw0rm.com 2008-12-15...
Forest Blog Database Disclosure
============= Forest Blog v1.3.2 blog.mdb Remote Database Disclosure Vulnerability author : Cold z3ro, www.hackteach.org http://site.com/Path/blog.mdb Dork : Powered By: Forest Blog v1.3.2 =============...