CVE-2025-64170

sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...

EUVD-2025-3520

Malicious code in bioql PyPI...

Security update for rust-keylime

This update for rust-keylime fixes the following issues: Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection bsc1247193 Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RSTSTREAM frames bsc1210344. CVE-2024-12224...

Security update for rust-keylime

This update for rust-keylime fixes the following issues: Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection bsc1247193 Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RSTSTREAM frames bsc1210344. CVE-2024-12224...

OPENSUSE-SU-2025:15346-1 keylime-ima-policy-0.2.7+117-1.1 on GA media

These are all security issues fixed in the keylime-ima-policy-0.2.7+117-1.1 package on the GA media of openSUSE Tumbleweed...

SUSE-SU-2025:20491-1 Security update for rust-keylime

This update for rust-keylime fixes the following issues: - CVE-2024-12224: idna: Fixed improper validation in punycode bsc1243861 - Update to version 0.2.7+70: builddeps: bump wiremock from 0.6.2 to 0.6.3 builddeps: bump uuid from 1.16.0 to 1.17.0 lib: Introduce AgentIdentity structure gitignore:...

OPENSUSE-SU-2025:15294-1 keylime-ima-policy-0.2.7+70-2.1 on GA media

These are all security issues fixed in the keylime-ima-policy-0.2.7+70-2.1 package on the GA media of openSUSE Tumbleweed...

WordPress plugin WP DataTable 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...

CVE-2022-24193

CasaOS before v0.2.7 was discovered to contain a command injection vulnerability...

CVE-2024-56799

Simofa is a tool to help automate static website building and deployment. Prior to version 0.2.7, due to a design mistake in the RouteLoader class, some API routes may be publicly accessible when they should require authentication. This vulnerability has been patched in v0.2.7...

CVE-2025-23902

CVE-2025-23902 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Error Notification (Taras Dashkevych). Affected versions are listed as up to 0.2.7 (scope: from n/a through 0.2.7). The Red Hat advisory confirms the same CVE and description. There are no connected...

WordPress plugin Error Notification 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...

CVE-2024-56799

Simofa is a tool to help automate static website building and deployment. Prior to version 0.2.7, due to a design mistake in the RouteLoader class, some API routes may be publicly accessible when they should require authentication. This vulnerability has been patched in v0.2.7...

CVE-2024-56799 Simofa Allows Unauthenticated Access to API Routes

Simofa is a tool to help automate static website building and deployment. Prior to version 0.2.7, due to a design mistake in the RouteLoader class, some API routes may be publicly accessible when they should require authentication. This vulnerability has been patched in v0.2.7...

CVE-2024-56799 Simofa Allows Unauthenticated Access to API Routes

Simofa is a tool to help automate static website building and deployment. Prior to version 0.2.7, due to a design mistake in the RouteLoader class, some API routes may be publicly accessible when they should require authentication. This vulnerability has been patched in v0.2.7...

CVE-2024-50947

An issue in kmqtt v0.2.7 allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2024-44775

An issue in kmqtt v0.2.7 allows attackers to cause a Denial of ServiceDoS via a crafted request...

CVE-2024-44775

kmqtt v0.2.7 is vulnerable to Denial of Service DoS due to a Null Pointer Exception. A remote attacker can cause the broker to crash by sending a specially crafted MQTT CONNECT packet that triggers an unhandled null reference, leading to an immediate process termination...

PT-2024-31243 · Kmqtt · Kmqtt

Name of the Vulnerable Software and Affected Versions: kmqtt version 0.2.7 Description: The issue allows attackers to cause a Denial of Service DoS via a crafted request. Recommendations: For kmqtt version 0.2.7, at the moment, there is no information about a newer version that contains a fix for...

SUSE CVE-2017-6831

Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp in Audio File Library aka audiofile 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 and 0.2.7 allows remote attackers to cause a denial of service crash via a crafted file...