9565 matches found
K000150232: Multiple PHP vulnerabilities
Security Advisory Description CVE-2007-2728 The soap extension in PHP calls phprandr with an uninitialized seed variable, which has unknown impact and attack vectors, a related issue to the mcryptcreateiv issue covered by CVE-2007-2727. Note: The PHP team argue that this is not a valid security...
CVE-2025-1949
A vulnerability, which was classified as problematic, has been found in ZZCMS 2025. This issue affects some unknown processing of the file /3/ucenterapi/code/registernodb.php of the component URL Handler. The manipulation of the argument $SERVER'PHPSELF' leads to cross site scripting. The attack...
Linux Distros Unpatched Vulnerability : CVE-2017-15996
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service excessive memory allocation or possibly have unspecified other...
CVE-2025-26914
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bowo Variable Inspector variable-inspector allows Reflected XSS.This issue affects Variable Inspector: from n/a through = 2.6.2...
CVE-2025-26914 WordPress Variable Inspector plugin <= 2.6.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bowo Variable Inspector variable-inspector allows Reflected XSS.This issue affects Variable Inspector: from n/a through = 2.6.2...
CVE-2025-26914
CVE-2025-26914 (WordPress Variable Inspector) is a Reflected XSS in the Variable Inspector plugin for WordPress (affected: 2.6.2 and earlier). The CVE entry notes improper neutralization of input during web page generation, enabling reflected XSS. Severity is High (CVSS 3.1 base 7.1; Network atta...
CVE-2025-26914 WordPress Variable Inspector plugin <= 2.6.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bowo Variable Inspector variable-inspector allows Reflected XSS.This issue affects Variable Inspector: from n/a through = 2.6.2...
CVE-2024-53023
Memory corruption may occur while accessing a variable during extended back to back tests...
CVE-2024-53023
Memory corruption may occur while accessing a variable during extended back to back tests...
WordPress plugin Variable Inspector 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
Security update for python
This update for python fixes the following issues: Reference to no longer used 'bracketedhost' variable in the fix for CVE-2025-0938 bsc1236705, bsc1223694. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2025:0756-1 Security update for python
This update for python fixes the following issues: - Reference to no longer used 'bracketedhost' variable in the fix for CVE-2025-0938 bsc1236705, bsc1223694...
CLSA-2025-1740645491 python3.11: Fix of CVE-2023-27043
CVE-2023-27043: add a strict parsing mode to prevent incorrect address interpretation. By default, strict=True is enabled. If you need the legacy behavior, explicitly set strict=False when calling parseaddr or getaddresses - Additionally, strict parsing can be disabled globally by setting the...
SUSE CVE-2022-49582
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix NULL pointer dereference in dsaportresetvlanfiltering The "ds" iterator variable used in dsaportresetvlanfiltering - dsaswitchforeachport overwrites the "dp" received as argument, which is later used to call...
DEBIAN-CVE-2024-57985
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Cleanup global 'scm' on probe failures If SCM driver fails the probe, it should not leave global 'scm' variable assigned, because external users of this driver will assume the probe finished successfully. For...
CVE-2024-57985
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Cleanup global 'scm' on probe failures If SCM driver fails the probe, it should not leave global 'scm' variable assigned, because external users of this driver will assume the probe finished successfully. For...
UBUNTU-CVE-2024-57985
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Cleanup global 'scm' on probe failures If SCM driver fails the probe, it should not leave global 'scm' variable assigned, because external users of this driver will assume the probe finished successfully. For...
CVE-2024-57985 firmware: qcom: scm: Cleanup global '__scm' on probe failures
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Cleanup global 'scm' on probe failures If SCM driver fails the probe, it should not leave global 'scm' variable assigned, because external users of this driver will assume the probe finished successfully. For...
CVE-2024-57985 firmware: qcom: scm: Cleanup global '__scm' on probe failures
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Cleanup global 'scm' on probe failures If SCM driver fails the probe, it should not leave global 'scm' variable assigned, because external users of this driver will assume the probe finished successfully. For...
CVE-2024-57985
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Cleanup global 'scm' on probe failures If SCM driver fails the probe, it should not leave global 'scm' variable assigned, because external users of this driver will assume the probe finished successfully. For...