11 matches found
CVE-2026-9085
Incorrect Permission Assignment for Critical Resource, Improper Access Control vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus-Parental-Control allows DNS Spoofing. This issue affects Pardus-Parental-Control: from =0.5.1 before 0.7.0...
CVE-2025-48023
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package for CENTU...
PT-2026-7964
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receive maliciously crafted packets, a DoS attack may cause Vnet/IP communication functions to stop or arbitrary programs to be executed. The affected products and versions a...
CVE-2022-50704
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free during usb config switch In the process of switching USB config from rndis to other config, if the hardware does not support the -pullup callback, or the hardware encounters a low probability fault...
Security Bulletin: OpenPages is vulnerable to IBM Semeru Runtime Quarterly CPU - Oct 2024 - Includes OpenJDK July 2024 CPU plus two additional CVEs
Summary Security Bulletin: OpenPages is vulnerable to IBM Semeru Runtime Quarterly CPU - Oct 2024 - Includes OpenJDK July 2024 CPU with CVEs CVE-2024-21217, CVE-2024-21208, CVE-2024-10917, CVE-2024-9143 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
Hyperledger Aries Cloud Agent Python Data Forgery Issue Vulnerability
Hyperledger Aries Cloud Agent Python is a tool for building the foundation of decentralized identity applications and services that run in non-mobile environments. A data forgery issue vulnerability exists in Hyperledger Aries Cloud Agent Python versions prior to 0.7.0, which stems from a data...
CVE-2023-32878
In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08307992...
CVE-2021-38320
The simpleSAMLphp Authentication WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /simplesamlphp-authentication.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.7.0...
Anchore Engine Command Execution Vulnerability
Anchore Engine is an open source service from US-based Anchore that analyzes Docker images and applies user-defined acceptance policies to allow automated container image validation and authentication. A security vulnerability exists in Anchore Engine version 0.7.0. An attacker can exploit the...
Telegram Web and Telegram for Android Server-Side Request Forgery Vulnerability
Telegram for Android is an instant messaging application based on the Android platform.Telegram Web is its web version. A server-side request forgery vulnerability exists in the 'secret chat' feature in Telegram version 4.9.1 and Telegram Web version 0.7.0 for the Android-based platform. No...
Lenovo System Update Signature Validation Bypass Vulnerability
Lenovo System Update aka ThinkVantage System Update is a system update software from Lenovo. The service component of Lenovo System Update, SUService.exe, creates a named pipe to provide system update services to low-privileged processes.A security vulnerability in Lenovo System Update software...