12 matches found
EUVD-2026-42044
An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause service degradation via a potential segmentation fault when the vsibuffer...
PT-2026-56197
Name of the Vulnerable Software and Affected Versions Django versions prior to 6.0.7 Django versions prior to 5.2.16 Description An issue exists where DomainNameValidator fails to prohibit newlines in domain names. While CharField strips newlines when used via a form field, other implementations...
Revive Adserver: Missing ownership validation allows cross‑manager tracker–campaign linking
A vulnerability was reported in Revive Adserver version 6.0.7 and earlier that allowed a low-privileged user to link their trackers to campaigns owned by other managers on the same instance. This was due to a lack of proper ownership validation in the tracker-campaigns.php script, which handled t...
CVE-2019-25267
Wing FTP Server 6.0.7 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that will be launche...
GHSA-JQMQ-FPWV-P925 Drupal Simple OAuth (OAuth2) & OpenID Connect allows Authentication Bypass
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Simple OAuth OAuth2 & OpenID Connect allows Authentication Bypass. This issue affects Simple OAuth OAuth2 & OpenID Connect: from 6.0.0 before 6.0.7...
EUVD-2025-36872
Drupal Simple OAuth OAuth2 & OpenID Connect allows Authentication Bypass...
CVE-2024-46489
A remote command execution RCE vulnerability in promptr v6.0.7 allows attackers to execute arbitrary commands via a crafted URL...
SUSE CVE-2018-16858
It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script i...
PT-2022-34915 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.7 Description: The issue is related to memory corruption with too many bridges in the drm/msm/hdmi component. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...
PT-2022-34898 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.7 Description: The issue is related to the addition of atomic check to bridge ops in the drm/msm/dp module. It was introduced in version v5.17 and fixed in version v6.0.7. The actual impact and attack...
CVE-2022-36834
Exposure of Sensitive Information vulnerability in Game Launcher prior to version 6.0.07 allows local attacker to access app data with user interaction...
CVE-2020-9294
An improper authentication vulnerability in FortiMail 5.4.10, 6.0.7, 6.2.2 and earlier and FortiVoiceEntreprise 6.0.0 and 6.0.1 may allow a remote unauthenticated attacker to access the system as a legitimate user by requesting a password change via the user interface...