CWE-402
Transmission of Private Resources into a New Sphere ('Resource Leak')
Monthly
CVE-2024-32388 is a security vulnerability (CVSS 5.3) that allows an attacker. Remediation should follow standard vulnerability management procedures.
Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back (server setup) information. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The YouDao plugin for StarDict, as used in stardict 3.0.7+git20220909+dfsg-6 in Debian trixie and elsewhere, sends an X11 selection to the dict.youdao.com and dict.cn servers via cleartext HTTP. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
CVE-2025-49618 is a security vulnerability (CVSS 5.8). Remediation should follow standard vulnerability management procedures.
A security vulnerability in One Identity OneLogin Active Directory Connector (CVSS 5.0). Remediation should follow standard vulnerability management procedures.
Django-Select2 is a Django integration for Select2. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In Zammad 6.4.x before 6.4.2, there is information exposure. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. No vendor patch available.
XWiki Platform is a generic wiki platform. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Transmission of Private Resources into a New Sphere ('Resource Leak') vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Directory Indexing, Resource Leak. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
CVE-2024-32388 is a security vulnerability (CVSS 5.3) that allows an attacker. Remediation should follow standard vulnerability management procedures.
Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back (server setup) information. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The YouDao plugin for StarDict, as used in stardict 3.0.7+git20220909+dfsg-6 in Debian trixie and elsewhere, sends an X11 selection to the dict.youdao.com and dict.cn servers via cleartext HTTP. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
CVE-2025-49618 is a security vulnerability (CVSS 5.8). Remediation should follow standard vulnerability management procedures.
A security vulnerability in One Identity OneLogin Active Directory Connector (CVSS 5.0). Remediation should follow standard vulnerability management procedures.
Django-Select2 is a Django integration for Select2. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In Zammad 6.4.x before 6.4.2, there is information exposure. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. No vendor patch available.
XWiki Platform is a generic wiki platform. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Transmission of Private Resources into a New Sphere ('Resource Leak') vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Directory Indexing, Resource Leak. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.