Количество 314 458
Количество 314 458
GHSA-3h8r-96mm-7vvg
The CYAN Backup WordPress plugin before 2.5.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
GHSA-3h8r-6x68-6v9m
Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.
GHSA-3h8p-v7v7-3333
Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument string to the LoadFile method in an AcroPDF ActiveX control.
GHSA-3h8p-48px-cj7r
A vulnerability was found in Ruijie RG-UAC up to 20240428. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /view/IPV6/naborTable/add_commit.php. The manipulation of the argument ip_addr/mac_addr leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263113 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
GHSA-3h8p-2v2p-mc5x
An issue was discovered in zzcms 8.3. SQL Injection exists in ajax/zs.php via a pxzs cookie.
GHSA-3h8m-q4x3-3fhw
The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.
GHSA-3h8m-mvxw-xrmm
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix potential corruption when moving a directory F2FS has the same issue in ext4_rename causing crash revealed by xfstests/generic/707. See also commit 0813299c586b ("ext4: Fix possible corruption when moving a directory")
GHSA-3h8m-483j-7xxm
Heap out of bounds read in `RequantizationRange`
GHSA-3h8h-mjhw-3m3h
The Anhui Huami Mi Fit application before 4.0.11 for Android has an Unencrypted Update Check.
GHSA-3h8h-469q-248f
Point Of Sales 1.0 allows SQL injection via the login screen, related to LoginForm1.vb.
GHSA-3h8g-q3cw-mr42
Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4.
GHSA-3h8c-h67v-4vg7
Missing Authorization vulnerability in Muffingroup Betheme.This issue affects Betheme: from n/a through 26.6.1.
GHSA-3h89-j8rf-vq88
radare2 v.5.9.8 and before contains a memory leak in the function _load_relocations.
GHSA-3h89-g9r5-cvx9
In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The start_kthread() and stop_thread() code was not always called with the interface_lock held. This means that the kthread variable could be unexpectedly changed causing the kthread_stop() to be called on it when it should not have been, leading to: while true; do rtla timerlat top -u -q & PID=$!; sleep 5; kill -INT $PID; sleep 0.001; kill -TERM $PID; wait $PID; done Causing the following OOPS: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017] CPU: 5 UID: 0 PID: 885 Comm: timerlatu/5 Not tainted 6.11.0-rc4-test-00002-gbc754cc76d1b-dirty #125 a533010b71dab205ad2f507188ce8c82203b0254 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 RIP: 0010:hrt...
GHSA-3h89-7v9c-8256
Missing Authorization vulnerability in EPC Photography. This issue affects Photography: from n/a through 7.5.2.
GHSA-3h88-qhgq-2p27
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘health_alt_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
GHSA-3h88-phwh-c45g
Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (kernel panic) via incoming IP fragmented (1) COOKIE_ECHO and (2) HEARTBEAT SCTP control chunks.
GHSA-3h88-j436-w3r5
In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246749764
GHSA-3h87-v52r-p9rg
Out of bounds write in reorder
GHSA-3h85-679h-c4f3
The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpmem_login_link' shortcode in all versions up to, and including, 3.5.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
GHSA-3h8r-96mm-7vvg The CYAN Backup WordPress plugin before 2.5.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | CVSS3: 5.4 | 0% Низкий | 9 месяцев назад | |
GHSA-3h8r-6x68-6v9m Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL. | 0% Низкий | больше 3 лет назад | ||
GHSA-3h8p-v7v7-3333 Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument string to the LoadFile method in an AcroPDF ActiveX control. | 56% Средний | почти 4 года назад | ||
GHSA-3h8p-48px-cj7r A vulnerability was found in Ruijie RG-UAC up to 20240428. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /view/IPV6/naborTable/add_commit.php. The manipulation of the argument ip_addr/mac_addr leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263113 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | CVSS3: 4.7 | 0% Низкий | почти 2 года назад | |
GHSA-3h8p-2v2p-mc5x An issue was discovered in zzcms 8.3. SQL Injection exists in ajax/zs.php via a pxzs cookie. | CVSS3: 9.8 | 0% Низкий | больше 3 лет назад | |
GHSA-3h8m-q4x3-3fhw The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading. | CVSS3: 3.3 | 0% Низкий | больше 3 лет назад | |
GHSA-3h8m-mvxw-xrmm In the Linux kernel, the following vulnerability has been resolved: f2fs: fix potential corruption when moving a directory F2FS has the same issue in ext4_rename causing crash revealed by xfstests/generic/707. See also commit 0813299c586b ("ext4: Fix possible corruption when moving a directory") | 0% Низкий | около 1 месяца назад | ||
GHSA-3h8m-483j-7xxm Heap out of bounds read in `RequantizationRange` | CVSS3: 2.5 | 0% Низкий | больше 4 лет назад | |
GHSA-3h8h-mjhw-3m3h The Anhui Huami Mi Fit application before 4.0.11 for Android has an Unencrypted Update Check. | 0% Низкий | больше 3 лет назад | ||
GHSA-3h8h-469q-248f Point Of Sales 1.0 allows SQL injection via the login screen, related to LoginForm1.vb. | CVSS3: 9.8 | 4% Низкий | больше 3 лет назад | |
GHSA-3h8g-q3cw-mr42 Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4. | CVSS3: 5.5 | 0% Низкий | почти 4 года назад | |
GHSA-3h8c-h67v-4vg7 Missing Authorization vulnerability in Muffingroup Betheme.This issue affects Betheme: from n/a through 26.6.1. | CVSS3: 4.3 | 0% Низкий | почти 2 года назад | |
GHSA-3h89-j8rf-vq88 radare2 v.5.9.8 and before contains a memory leak in the function _load_relocations. | CVSS3: 7.5 | 0% Низкий | 4 месяца назад | |
GHSA-3h89-g9r5-cvx9 In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The start_kthread() and stop_thread() code was not always called with the interface_lock held. This means that the kthread variable could be unexpectedly changed causing the kthread_stop() to be called on it when it should not have been, leading to: while true; do rtla timerlat top -u -q & PID=$!; sleep 5; kill -INT $PID; sleep 0.001; kill -TERM $PID; wait $PID; done Causing the following OOPS: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017] CPU: 5 UID: 0 PID: 885 Comm: timerlatu/5 Not tainted 6.11.0-rc4-test-00002-gbc754cc76d1b-dirty #125 a533010b71dab205ad2f507188ce8c82203b0254 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 RIP: 0010:hrt... | CVSS3: 5.5 | 0% Низкий | больше 1 года назад | |
GHSA-3h89-7v9c-8256 Missing Authorization vulnerability in EPC Photography. This issue affects Photography: from n/a through 7.5.2. | CVSS3: 6.3 | 0% Низкий | 12 месяцев назад | |
GHSA-3h88-qhgq-2p27 A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘health_alt_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery. | CVSS3: 8.8 | 1% Низкий | около 4 лет назад | |
GHSA-3h88-phwh-c45g Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (kernel panic) via incoming IP fragmented (1) COOKIE_ECHO and (2) HEARTBEAT SCTP control chunks. | 8% Низкий | почти 4 года назад | ||
GHSA-3h88-j436-w3r5 In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246749764 | CVSS3: 5.5 | 0% Низкий | почти 3 года назад | |
GHSA-3h87-v52r-p9rg Out of bounds write in reorder | CVSS3: 7.3 | 0% Низкий | больше 4 лет назад | |
GHSA-3h85-679h-c4f3 The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpmem_login_link' shortcode in all versions up to, and including, 3.5.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | CVSS3: 6.4 | 0% Низкий | 7 месяцев назад |
Уязвимостей на страницу