LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.
Envoy is a cloud-native, open-source edge and service proxy. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Improper access control vulnerability in Apaczka plugin for PrestaShop allows information gathering from saved templates without authentication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
INOTEC Sicherheitstechnik WebServer CPS220/64 3.3.19 allows a remote attacker to read arbitrary files via absolute path traversal, such as with the /cgi-bin/display?file=/etc/passwd URI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
SQL Injection vulnerability in ECshop 4.x allows an attacker to obtain sensitive information via the file/article.php component. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The CloudStack management server and secondary storage VM could be tricked into making requests to restricted or random resources by means of following 301 HTTP redirects presented by external. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions 11.2 and below that may allow a remote, authenticated attacker to provide input that is not sanitized properly and is. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
SVR-116 firmware version 1.6.0.30028871 allows a remote authenticated attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Ericsson Network Manager (ENM), versions prior to 23.1, contains a vulnerability in the export function of application log where Improper Neutralization of Formula Elements in a CSV File can lead to. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
In the Linux kernel, the following vulnerability has been resolved: crypto: arm64/neonbs - fix out-of-bounds access on short input The bit-sliced implementation of AES-CTR operates on blocks of 128. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with credentials to execute arbitrary OS commands by sending a specially crafted request to the. Rated high severity (CVSS 7.1). No vendor patch available.
A vulnerability was found in the quarkus-core component. Rated high severity (CVSS 7.0). No vendor patch available.
Vault and Vault Enterprise TLS certificates auth method did not correctly validate OCSP responses when one or more OCSP sources were configured. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.
Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
It was discovered that Canonical's Pebble service manager read-file API and the associated pebble pull command, before v1.10.2, allowed unprivileged local users to read files with root-equivalent. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.
File Upload vulnerability in Byzoro Networks Smart multi-service security gateway intelligent management platform version S210, allows an attacker to obtain sensitive information via the. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The WordPress Tag and Category Manager - AI Autotagger plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'st_tag_cloud' shortcode in all versions up to, and. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The ShopLentor - WooCommerce Builder for Elementor & Gutenberg +12 Modules - All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the slitems. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
The Gutenberg Blocks by Kadence Blocks - Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the CountUp Widget in all versions up to, and including, 3.2.31. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the countdown widget in all versions up to, and including, 3.0.6 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
A problem has been identified in the CloudStack additional VM configuration (extraconfig) feature which can be misused by anyone who has privilege to deploy a VM instance or configure settings of an. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Fix uninitialized pointer dmactl In the case where __lpass_get_dmactl_handle is called and the driver id dai_id is. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.
There is a stored Cross‑Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS versions 11.2 and below that may allow a remote, authenticated attacker to create a crafted link that can be saved. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is an HTML injection vulnerability in Esri Portal for ArcGIS 11.0 and below that may allow a remote, unauthenticated attacker to craft a URL which, when clicked, could potentially generate a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is a reflected cross site scripting vulnerability in the home application in Esri Portal for ArcGIS 11.1 and below on Windows and Linux that allows a remote, unauthenticated attacker to create. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Collabora Online is a collaborative online office suite based on LibreOffice. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vite (French word for "quick", pronounced /vit/, like "veet") is a frontend build tooling to improve the frontend development experience.`server.fs.deny` does not deny requests for patterns with. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
MesonLSP is an unofficial, unendorsed language server for meson written in C++. Rated medium severity (CVSS 5.8), this vulnerability is no authentication required. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index With numa balancing on, when a numa system is running where a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
A memory management flaw exists in the Linux kernel's framebuffer console (fbcon) font handling code where system fonts fail to be restored to their previous state when a vc_resize() operation fails during fbcon_do_set_font(). This oversight allows subsequent font_get() calls to access corrupted or uninitialized memory, leading to kernel crashes and denial of service. The vulnerability affects Linux kernel versions up to and including 6.8-rc6, requires local user privileges to trigger, and is difficult but reproducible with fault injection techniques as demonstrated by Syzkaller.
In the Linux kernel, the following vulnerability has been resolved: riscv: Sparse-Memory/vmemmap out-of-bounds fix Offset vmemmap so that the first page of vmemmap will be mapped to the first page of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: mmc: mmci: stm32: fix DMA API overlapping mappings warning Turning on CONFIG_DMA_API_DEBUG_SG results in the following warning:. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Information exposure vulnerability in RT software affecting version 4.4.1. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: release elements in clone only from destroy path Clone already always provides a current view of the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi ->runtime_suspend() and ->runtime_resume() implementations start with: struct cqspi_st *cqspi =. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
In the Linux kernel, the following vulnerability has been resolved: spi: cadence-qspi: remove system-wide suspend helper calls from runtime PM hooks The ->runtime_suspend() and ->runtime_resume(). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter syzbot reported the following uninit-value access issue [1]:. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.
In the Linux kernel, the following vulnerability has been resolved: net: veth: clear GRO when clearing XDP even when down veth sets NETIF_F_GRO automatically when XDP is enabled, because both. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: stmmac: Clear variable when destroying workqueue Currently when suspending driver and stopping workqueue it is checked whether. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Avoid potential use-after-free in hci_error_reset While handling the HCI_EV_HARDWARE_ERROR event, if the underlying BT. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
In the Linux kernel, the following vulnerability has been resolved: drivers: perf: ctr_get_width function for legacy is not defined With parameters CONFIG_RISCV_PMU_LEGACY=y and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read There is chip (ls1028a) errata: The SoC may hang on 16 byte. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: init irq after reg initialization Initialize the qDMA irqs after the registers are configured so that. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.
In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix iopt_access_list_id overwrite bug Syzkaller reported the following WARN_ON: WARNING: CPU: 1 PID: 4738 at. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix protection fault in iommufd_test_syz_conv_iova Syzkaller reported the following bug: general protection fault,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.
In the Linux kernel, the following vulnerability has been resolved: pmdomain: arm: Fix NULL dereference on scmi_perf_domain removal On unloading of the scmi_perf_domain module got the below splat,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix possible deadlock in subflow diag Syzbot and Eric reported a lockdep splat in the subflow diag: WARNING: possible. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.