MiracleLinux 4 : spice-server-0.12.0-12.AXS4.3 (AXSA:2013-596:04)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-596:04 advisory. The Simple Protocol for Independent Computing Environments SPICE is a remote display system built for virtual environments which allows you to view a computin...

EUVD-2018-1872

Malware in sbrugna...

EUVD-2024-2845

Malicious code in bioql PyPI...

Security update for buildkit

This update for buildkit fixes the following issues: Update to version 0.12.5: update runc to v1.1.12 exec: add extra validation for submount sources fixes CVE-2024-23651, bsc1219267 oci: fix error handling on submount calls executor: recheck mount stub path within root after container run fixes...

CVE-2024-45601 Local file Inclusion via static file serving functionality in Mesop

Mesop is a Python-based UI framework designed for rapid web apps development. A vulnerability has been discovered and fixed in Mesop that could potentially allow unauthorized access to files on the server hosting the Mesop application. The vulnerability was related to insufficient input validatio...

PT-2024-11510 · WordPress · Wpgraphql Woocommerce

Name of the Vulnerable Software and Affected Versions: WPGraphQL WooCommerce WordPress plugin versions prior to 0.12.4 Description: The issue allows unauthenticated attackers to enumerate a shop's coupon codes and values via GraphQL. This can be done through GraphQL endpoints, potentially exposin...

cpp-httplib 注入漏洞

cpp-httplib is an HTTP/HTTPS server and client library written in C++. A security vulnerability exists in cpp-httplib versions prior to 0.12.4 that stems from vulnerability to CRLF injection, which can lead to logic errors and other misbehavior...

SUSE CVE-2021-42586

A heap buffer overflow was discovered in copybytes in decoder2007.c in dwgread before 0.12.4 via a crafted dwg file...

Reference counting error in pyo3

An issue was discovered in the pyo3 crate before 0.12.4 for Rust. There is a reference-counting error and use-after-free in From...

CVE-2020-35917

An issue was discovered in the pyo3 crate before 0.12.4 for Rust. There is a reference-counting error and use-after-free in From...

Design/Logic Flaw

An issue was discovered in the pyo3 crate before 0.12.4 for Rust. There is a reference-counting error and use-after-free in From...

DEBIAN-CVE-2018-1000178

A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessageconst QByteArray &msg datastreampeer.cpp line 62 that allows an attacker to execute code remotely...

CVE-2018-1000179

A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handleconst Login &msg coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service...

DEBIAN-CVE-2018-1000179

A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handleconst Login &msg coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service...

CVE-2018-1000178

A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessageconst QByteArray &msg datastreampeer.cpp line 62 that allows an attacker to execute code remotely...

CVE-2018-1000179

A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handleconst Login &msg coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service...

Quassel Code Execution Vulnerability

Quassel aka Quassel IRC is a cross-platform distributed IRC chat client developed by the Quassel IRC team , which is developed using the QT application framework , PostgreSQL database to store data . A security vulnerability exists in void DataStreamPeer::processMessageconst QByteArray &msg in th...

quasselcore denial of service vulnerability

Quassel aka Quassel IRC is a cross-platform distributed IRC chat client developed by the Quassel IRC team , which is developed using the QT application framework , PostgreSQL database to store data . A security vulnerability exists in CoreAuthHandler::handleconst Login &msg in the...

Brave URI Obfuscation Vulnerability

Brave is a Web browser product from Brave Software, Inc. in the United States. A URI obfuscation vulnerability exists in Brave version 0.12.4, which can be exploited by attackers to redirect users to malicious websites, resulting in the disclosure of personal information or property damage...

Brave Status Bar Obfuscation Vulnerability

Brave is a Web browser product from Brave Software, Inc. in the United States. A status bar obfuscation vulnerability exists in Brave version 0.12.4, which may unintentionally redirect to a malicious website. An attacker can exploit this vulnerability to redirect users to malicious websites,...