Lucene search

1738 matches found

Tenable Nessus
added 2025/03/04 12:0 a.m., 11 views

Linux Distros Unpatched Vulnerability : CVE-2017-7536

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to acce...

CVSS 7, AI score 7.2, EPSS 0.00485
Exploits 0, References 1
CVE
added 2025/02/26 2:12 a.m., 130 views

CVE-2022-49433

The CVE-2022-49433 entry is confirmed with concrete details in connected advisories: in the Linux kernel RDMA/hfi1 driver, a path may call hfi1_free_devdata() with sdma_map_lock uninitialized if probe of hfi1 fails before sdma_map_lock is set up. This could lead to locking operations being perfor...

CVSS 5.5, AI score 5.4, EPSS 0.00249
Exploits 0, References 7, Affected Software 1
Debian CVE
added 2025/02/26 2:12 a.m., 7 views

CVE-2022-49433

In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Prevent use of lock before it is initialized. If there is a failure during probe of hfi1 before the sdma_map_lock is initialized, the call to hfi1_free_devdata will attempt to use a lock that has not been initialized. If th...

CVSS 5.5, AI score 5.4, EPSS 0.00249
Exploits 0
OSV
added 2025/02/24 12:0 a.m., 13 views

DLA-4066-1 fort-validator - security update

Bulletin has no description...

CVSS 9.8, AI score 6.6, EPSS 0.00481
Exploits 0
OpenVAS
added 2025/02/24 12:0 a.m., 10 views

Debian: Security Advisory (DLA-4066-1)

The remote host is missing an update for the Debian...

CVSS 9.8, AI score 7.1, EPSS 0.00481
Exploits 0, References 2
Debian
added 2025/02/23 11:22 p.m., 12 views

[SECURITY] [DLA 4066-1] fort-validator security update

Debian LTS Advisory DLA-4066-1, https://www.debian.org/lts/security/, Daniel Leidert, February 24, 2025, https://wiki.debian.org/LTS. Package: fort-validator. Version: 1.5.3-1deb11u2. CVE ID: CVE-2024-45234 CVE-2024-45235 CVE-2024-45236 CVE-2024-45237 CVE-2024-45238...

CVSS 9.8, AI score 6.1, EPSS 0.00481
Exploits 0
Tenable Nessus
added 2025/02/23 12:0 a.m., 11 views

Debian dla-4066 : fort-validator - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4066 advisory. Debian LTS Advisory DLA-4066-1...

CVSS 9.8, AI score 6.1, EPSS 0.00481
Exploits 0, References 16
RedhatCVE
added 2025/02/21 8:37 a.m., 6 views

CVE-2024-13339

The DeBounce Email Validator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.8.0. This is due to missing or incorrect nonce validation on the 'debounceemailvalidator' page. This makes it possible for unauthenticated attackers to update...

CVSS 6.1, AI score 7.2, EPSS 0.00141
Exploits 0, References 1
Github Security Blog
added 2025/02/20 8:24 p.m., 6 views

Namada-apps allows Post-Genesis Validator Bypass

Impact Ledger crash. A user is able to initialize a post-genesis validator with a negative commission rate using the --force flag. If this validator gets into the consensus set, then when computing PoS inflation inside fn updaterewardsproductsandmintinflation, an instance of mulfloor will cause t...

AI score 7
Exploits 0, References 2, Affected Software 1
OSV
added 2025/02/20 8:24 p.m., 2 views

GHSA-2GW2-QGJG-XH6P Namada-apps allows Post-Genesis Validator Bypass

Impact Ledger crash. A user is able to initialize a post-genesis validator with a negative commission rate using the --force flag. If this validator gets into the consensus set, then when computing PoS inflation inside fn updaterewardsproductsandmintinflation, an instance of mulfloor will cause t...

AI score 7
Exploits 0, References 2
OSV
added 2025/02/19 9:15 a.m., 2 views

CVE-2024-13339

The DeBounce Email Validator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.6.6. This is due to missing or incorrect nonce validation on the 'debounceemailvalidator' page. This makes it possible for unauthenticated attackers to update...

CVSS 5.4, AI score 7.2, EPSS 0.00141
Exploits 0, References 2
NVD
added 2025/02/19 9:15 a.m., 5 views

CVE-2024-13339

The DeBounce Email Validator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.8.0. This is due to missing or incorrect nonce validation on the 'debounceemailvalidator' page. This makes it possible for unauthenticated attackers to update...

CVSS 6.1, EPSS 0.00141
Exploits 0, References 2
Cvelist
added 2025/02/19 8:21 a.m., 11 views

CVE-2024-13339 DeBounce Email Validator <= 5.8.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The DeBounce Email Validator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.8.0. This is due to missing or incorrect nonce validation on the 'debounceemailvalidator' page. This makes it possible for unauthenticated attackers to update...

CVSS 6.1, EPSS 0.00141
Exploits 0, References 2
Vulnrichment
added 2025/02/19 8:21 a.m., 1 view

CVE-2024-13339 DeBounce Email Validator <= 5.8.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The DeBounce Email Validator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.8.0. This is due to missing or incorrect nonce validation on the 'debounceemailvalidator' page. This makes it possible for unauthenticated attackers to update...

CVSS 6.1, AI score 7.2, EPSS 0.00141
Exploits 0, References 2
CVE
added 2025/02/19 8:21 a.m., 38 views

CVE-2024-13339

CVE-2024-13339 is a CSRF to Stored XSS vulnerability in the DeBounce Email Validator WordPress plugin. Public details show an unauthenticated attacker can forge requests (via the plugin’s settings page) to update settings and inject malicious scripts, affecting WordPress sites using the plugin up...

CVSS 6.1, AI score 7.2, EPSS 0.00141
Exploits 0, References 2, Affected Software 1
CNNVD
added 2025/02/19 12:0 a.m., 2 views

WordPress plugin DeBounce Email Validator cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin ... The WordPress plugin...

CVSS 6.1, AI score 8.9, EPSS 0.00141
Exploits 0, References 2
RedhatCVE
added 2025/02/14 1:49 p.m., 14 views

CVE-2024-32838

SQL Injection vulnerability in various API endpoints - offices, dashboards, etc. Apache Fineract versions 1.9 and before have a vulnerability that allows an authenticated attacker to inject malicious data into some of the REST API endpoints' query parameter. Users are recommended to upgrade to...

CVSS 9.4, AI score 8, EPSS 0.01334
Exploits 0, References 1
OSV
added 2025/02/12 10:15 a.m., 6 views

CVE-2024-32838

SQL Injection vulnerability in various API endpoints - offices, dashboards, etc. Apache Fineract versions 1.9 and before have a vulnerability that allows an authenticated attacker to inject malicious data into some of the REST API endpoints' query parameter. Users are recommended to upgrade to...

CVSS 8.8, AI score 8.4
Exploits 0, References 2
CVE
added 2025/02/12 9:44 a.m., 101 views

CVE-2024-32838

CVE-2024-32838 affects Apache Fineract, specifically SQL injection in the offices API endpoint (and related endpoints such as dashboards). Vulnerable products are Fineract versions 1.9 and earlier; the issue allows an authenticated attacker to inject malicious data into REST API query parameters....

CVSS 9.4, AI score 7.7, EPSS 0.01334
Exploits 0, References 2, Affected Software 1
Vulnrichment
added 2025/02/12 9:44 a.m., 8 views

CVE-2024-32838 Apache Fineract: SQL injection vulnerabilities in offices API endpoint

SQL Injection vulnerability in various API endpoints - offices, dashboards, etc. Apache Fineract versions 1.9 and before have a vulnerability that allows an authenticated attacker to inject malicious data into some of the REST API endpoints' query parameter. Users are recommended to upgrade to...

CVSS 9.4, AI score 7.7, EPSS 0.01334
Exploits 0, References 1