16 matches found
Unity Linux 20.1060e / 20.1070e Security Update: spice-vdagent (UTSA-2026-016615)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016615 advisory. A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in...
Astra Linux - vulnerability in libraw
LibRaw before 0.20-RC1 lacks a check for the thumbnail size range. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) is used without validating T.tlength...
EUVD-2022-6957
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-20740
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PDFResurrect before 0.20 lack of header validation checks causes heap-buffer-overflow in pdf_get_version(). CVE-2020-20740 Note that Nessus relies on the presence o...
CVE-2022-39254
matrix-nio is a Python Matrix client library, designed according to sans I/O principles. Prior to version 0.20, when a user requests a room key from their devices, the software correctly remembers the request. Once they receive a forwarded room key, they accept it without checking who the room ke...
PT-2024-38800 · WordPress · Posts Reminder WordPress Plugin
Name of the Vulnerable Software and Affected Versions: The Posts reminder WordPress plugin versions 0.20 and earlier Description: The issue concerns a lack of CSRF check when updating settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. This could...
PT-2024-14979 · WordPress · Splashscreen WordPress Plugin
Name of the Vulnerable Software and Affected Versions: Splashscreen WordPress plugin versions 0.20 and earlier Description: The issue is related to the lack of a CSRF check when updating settings in the Splashscreen WordPress plugin. This could allow attackers to make a logged-in admin change...
CVE-2022-39254
matrix-nio is a Python Matrix client library, designed according to sans I/O principles. Prior to version 0.20, when a user requests a room key from their devices, the software correctly remembers the request. Once they receive a forwarded room key, they accept it without checking who the room ke...
Design/Logic Flaw
matrix-nio is a Python Matrix client library, designed according to sans I/O principles. Prior to version 0.20, when a user requests a room key from their devices, the software correctly remembers the request. Once they receive a forwarded room key, they accept it without checking who the room ke...
CVE-2022-39254 When matrix-nio receives forwarded room keys, the receiver doesn't check if it requested the key from the forwarder
matrix-nio is a Python Matrix client library, designed according to sans I/O principles. Prior to version 0.20, when a user requests a room key from their devices, the software correctly remembers the request. Once they receive a forwarded room key, they accept it without checking who the room ke...
PT-2022-24846 · Unknown · Matrix-Nio
Name of the Vulnerable Software and Affected Versions: matrix-nio versions prior to 0.20 Description: The issue arises when a user requests a room key from their devices. The software remembers the request but fails to check the origin of the forwarded room key, allowing homeservers to potentiall...
X-Changer 0.20 Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/17322/info X-Changer is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit...
UBUNTU-CVE-2012-4460
The serializing/deserializing functions in the qpid::framing::Buffer class in Apache Qpid 0.20 and earlier allow remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors. NOTE: this issue could also trigger an out-of-bounds read, but it might not...
Apache Rave User Information Disclosure Vulnerability
Apache Rave is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:rave";...
PT-2013-1674 · Apache · Apache Qpid
Name of the Vulnerable Software and Affected Versions: Apache Qpid versions 0.20 and earlier Description: The issue affects the serializing/deserializing functions in the qpid::framing::Buffer class, allowing remote attackers to cause a denial of service through unspecified vectors, potentially...
X-Changer 0.20 - Multiple SQL Injections
X-Changer 0.20 - Multiple SQL Injections source: https://www.securityfocus.com/bid/17322/info X-Changer is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful...