17 matches found
GitHub Enterprise Server Security Vulnerability
GitHub Enterprise Server is an open-source application developed by GitHub in the United States. It provides a scalable and easy-to-manage platform by allowing users to set their GitHub instances as virtual devices. Prior to version 3.22 of GitHub Enterprise Server, there was a security...
CVE-2026-24680
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdlPointerNew frees data on failure, then pointerfree calls sdlPointerFree and frees it again, triggering ASan UAF. This vulnerability is fixed in 3.22.0...
PT-2025-47283
Name of the Vulnerable Software and Affected Versions Photonic Gallery & Lightbox for Flickr, SmugMug & Others plugin for WordPress versions prior to 3.22 Description The software is susceptible to Stored Cross-Site Scripting through its lightbox functionality. This is due to inadequate input...
WordPress Plugin Database Reset Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...
CVE-2023-41325 OP-TEE double free in shdr_verify_signature
OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm Cortex-A cores using the TrustZone technology. Starting in version 3.20 and prior to version 3.22, shdr_verify_signature can make a double free. shdr_verify_signature used to verify a TA...
CVE-2023-41325
OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm Cortex-A cores using the TrustZone technology. Starting in version 3.20 and prior to version 3.22, shdr_verify_signature can make a double free. shdr_verify_signature used to verify a TA...
CVE-2023-41325 OP-TEE double free in shdr_verify_signature
OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm Cortex-A cores using the TrustZone technology. Starting in version 3.20 and prior to version 3.22, shdr_verify_signature can make a double free. shdr_verify_signature used to verify a TA...
CVE-2014-3618 affecting package procmail for versions less than 3.22-53
CVE-2014-3618 affecting package procmail for versions less than 3.22-53. A patched version of the package is available...
CVE-2021-40339
Configuration vulnerability in Hitachi Energy LinkOne application due to the lack of HTTP Headers, allows an attacker that manages to exploit this vulnerability to retrieve sensitive information. This issue affects: Hitachi Energy LinkOne 3.20; 3.22; 3.23; 3.24; 3.25; 3.26...
Design/Logic Flaw
NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created using NT/System level permissions, which may lead to code execution, denial of service, or local privilege escalation. The attacker does not have control over the...
SEGGER embOS/IP FTP Server Denial of Service Vulnerability
SEGGER embOS/IP FTP Server is an FTP server from SEGGER Microcontroller, Germany. A security vulnerability exists in SEGGER embOS/IP FTP Server version 3.22. A remote attacker can cause a denial of service (daemon crash) by sending an invalid LIST, STOR, or RETR command to exploit the vulnerability...
UBUNTU-CVE-2017-16844
Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...
Debian: Security Advisory (DSA-3019-1)
The remote host is missing an update for the Debian...
web calendar system <= 3.40 (xss/sql) Multiple Vulnerabilities
No description provided by source.
Serendipity 1.5.5 Event Freetag Cross Site Scripting
Advisory: Cross-Site Scripting vulnerability in Serendipity Plugin "serendipity_event_freetag" Advisory ID: SSCHADV2011-004 Author: Stefan Schurtz Affected Software: Successfully tested on: Serendipity 1.5.5 with serendipity_event_freetag - version 3.21 Vendor URL: http://www.s9y.org Vendor Status:...
PT-2006-3529 · Nucleus · Nucleus
Name of the Vulnerable Software and Affected Versions: Nucleus versions 3.22 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[DIR_LIBS] parameter in the nucleus/libs/PLUGINADMIN.php file. Recommendations: For versions 3.22 and earlier...
Mandrake Linux Security Advisory : stunnel (MDKSA-2002:004)
All versions of stunnel from 3.15 to 3.21c are vulnerable to format string bugs in the functions which implement smtp, pop, and nntp client negotiations. Using stunnel with the '-n service' option and the '-c' client mode option, a malicious server could use the format string vulnerability to run...