7.5

CVSS3.1

CVE-2024-50608 -

An issue was discovered in Fluent Bit 3.1.9. When the Prometheus Remote Write input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server. Improper handling of the case when Content-Length is 0 allows a user (with access to…

πŸ“… Published: Feb. 18, 2025, midnight πŸ”„ Last Modified: April 22, 2025, 2:54 p.m.

6.5

CVSS3.1

CVE-2025-22921 -

FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation violation via the component /libavcodec/jpeg2000dec.c.

πŸ“… Published: Feb. 18, 2025, midnight πŸ”„ Last Modified: Jan. 12, 2026, 1:08 p.m.

2.9

CVSS3.1

CVE-2025-27113 - libxml2: NULL Pointer Dereference in libxml2 xmlPatMatch

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.

πŸ“… Published: Feb. 18, 2025, midnight πŸ”„ Last Modified: Nov. 3, 2025, 10:18 p.m.

5.4

CVSS3.1

CVE-2024-57056 -

Incorrect cookie session handling in WombatDialer before 25.02 results in the full session identity being written to system logs and could be used by a malicious attacker to impersonate an existing user session.

πŸ“… Published: Feb. 18, 2025, midnight πŸ”„ Last Modified: Feb. 18, 2025, 10:15 p.m.

7.1

CVSS3.1

CVE-2024-57254 -

An integer overflow in sqfs_inode_size in Das U-Boot before 2025.01-rc1 occurs in the symlink size calculation via a crafted squashfs filesystem.

πŸ“… Published: Feb. 18, 2025, midnight πŸ”„ Last Modified: Nov. 3, 2025, 8:16 p.m.

9.8

CVSS3.0

CVE-2021-46686 -

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in acmailer CGI ver.4.0.3 and earlier and acmailer DB ver.1.1.5 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker.

πŸ“… Published: Feb. 17, 2025, 11:58 p.m. πŸ”„ Last Modified: Feb. 18, 2025, 3:41 p.m.

7.2

CVSS3.0

CVE-2025-20075 -

Server-side request forgery (SSRF) vulnerability exists in FileMegane versions above 3.0.0.0 prior to 3.4.0.0. Executing arbitrary backend Web API requests could potentially lead to rebooting the services.

πŸ“… Published: Feb. 17, 2025, 11:57 p.m. πŸ”„ Last Modified: Feb. 18, 2025, 3:42 p.m.

5.3

CVSS3.0

CVE-2025-25055 -

Authentication bypass by spoofing issue exists in FileMegane versions above 1.0.0.0 prior to 3.4.0.0, which may lead to user impersonation. If exploited, restricted file contents may be accessed.

πŸ“… Published: Feb. 17, 2025, 11:56 p.m. πŸ”„ Last Modified: Feb. 18, 2025, 3:42 p.m.

5.1

CVSS4.0

CVE-2025-1392 - D-Link DIR-816 index.html cross site scripting

A vulnerability has been found in D-Link DIR-816 1.01TO and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/webproc?getpage=html/index.html&var:menu=24gwlan&var:page=24G_basic. The manipulation of the argument SSID leads to cross site scrip…

πŸ“… Published: Feb. 17, 2025, 3:31 p.m. πŸ”„ Last Modified: July 16, 2025, 2:26 p.m.

5.5

CVSS3.1

CVE-2024-13879 - Stream <= 4.0.2 - Authenticated (Admin+) Server-Side Request Forgery

The Stream plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.2 due to insufficient validation on the webhook feature. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbi…

πŸ“… Published: Feb. 17, 2025, 3:21 p.m. πŸ”„ Last Modified: April 8, 2026, 5:04 p.m.
Total resulsts: 343919
Page 6185 of 34,392
Β« previous page Β» next page
Filters