14 matches found
EUVD-2025-20249
Malicious code in bioql PyPI...
MongoDB 8.0.x < 8.0.10 DoS (SERVER-106751)
The version of MongoDB installed on the remote host is 8.0 prior to 8.0.10. It is, therefore, affected by a vulnerability as referenced in the SERVER-106751 advisory. - MongoDB Server may be susceptible to disruption caused by high memory usage, potentially leading to server crash. This condition...
CVE-2025-6712
MongoDB Server may be susceptible to disruption caused by high memory usage, potentially leading to server crash. This condition is linked to inefficiencies in memory management related to internal operations. In scenarios where certain internal processes persist longer than anticipated, memory...
Fedora 40 : dotnet8.0 (2024-204d982a2e)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-204d982a2e advisory. This is the October 2024 security release of .NET 8. The SDK version is 8.0.110 and the Runtime version is 8.0.10. Release Notes: - SDK:...
Fedora 39 : dotnet8.0 (2024-180560c54b)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-180560c54b advisory. This is the October 2024 security release of .NET 8. The SDK version is 8.0.110 and the Runtime version is 8.0.10. Release Notes: - SDK:...
Use After Free
Overview Microsoft.AspNetCore.App.Runtime.linux-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Use After Free that could allow remote code execution...
WordPress Quiz And Survey Master Plugin <= 8.0.10 is vulnerable to Cross Site Request Forgery (CSRF)
Software Quiz And Survey Master Type Plugin Vulnerable versions = 8.0.10 Fixed in 8.1.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-26524 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c4b1a4af0da2 Credits Rio Darmawa...
PT-2022-11201 · Tencent · Wechat
Name of the Vulnerable Software and Affected Versions: WeChat versions 8.0.10 Description: A mini program in the WeChat application can obtain sensitive information from a user's address book via wx.searchContacts. This issue allows unauthorized access to user data. Recommendations: For WeChat...
Tencent WeChat 信息泄露漏洞
Tencent WeChat 微信 is an online social networking application from the Chinese company Tencent. The program supports sending voice messages, videos, images, and text, among others. A security vulnerability exists in Tencent WeChat version 8.0.10, which stems from an applet that can obtain sensitiv...
CVE-2020-12004
The affected product lacks proper authentication required to query the server on the Ignition 8 Gateway versions prior to 8.0.10 and Ignition 7 Gateway versions prior to 7.9.14, allowing an attacker to obtain sensitive information. Recent assessments: cdelafuente-r7 at June 26, 2020 11:13am UTC...
Inductive Automation Ignition Code Issue Vulnerability
Inductive Automation Ignition is a suite of integrated software platforms for SCADA systems from Inductive Automation, USA. The platform supports SCADA data acquisition and monitoring systems, HMI human machine interface and more. A code issue vulnerability exists in the handling of serialized da...
Inductive Automation Ignition Access Control Error Vulnerability
Inductive Automation Ignition is a suite of integrated software platforms for SCADA systems from Inductive Automation, Inc. The platform supports SCADA data acquisition and monitoring systems, HMI human machine interface and more. An access control error vulnerability exists in Inductive Automati...
Palo Alto PAN-OS cross-site scripting vulnerability (CNVD-2018-15748)
Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A cross-site scripting vulnerability exists in the continue page of Palo Alto Networks PAN-OS 8.0.10 and earlier versions. The vulnerability can be exploited to inject arbitrary...
ownCloud Multiple Vulnerabilities (Mar 2016) - Windows
ownCloud is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud"; ifdescription...