Riasztások
2025. Feb. 20.
NA - CVE-2025-25679 - Tenda i12 V1.0.0.10(3805) was discovered to...
Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function.
2025. Feb. 20.
NA - CVE-2025-25957 - Cross Site Scripting vulnerabilities in...
Cross Site Scripting vulnerabilities in Xunruicms v.4.6.3 and before allows a remote attacker to escalate privileges via a crafted script.
2025. Feb. 20.
NA - CVE-2025-27088 - oxyno-zeta/s3-proxy is an aws s3 proxy written...
oxyno-zeta/s3-proxy is an aws s3 proxy written in go. In affected versions a Reflected Cross-site Scripting (XSS) vulnerability enables attackers to create malicious URLs that, when visited, inject...
2025. Feb. 19.
Medium - CVE-2024-13508 - The Booking Package plugin for WordPress is...
The Booking Package plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the locale parameter in all versions up to, and including, 1.6.72 due to insufficient input sanitization...
2025. Feb. 19.
Medium - CVE-2025-1447 - A vulnerability was found in kasuganosoras...
A vulnerability was found in kasuganosoras Pigeon 1.0.177. It has been declared as critical. This vulnerability affects unknown code of the file /pigeon/imgproxy/index.php. The manipulation of the...
2025. Feb. 19.
NA - CVE-2024-57261 - In barebox before 2025.01.0, request2size in...
In barebox before 2025.01.0, request2size in common/dlmalloc.c has an integer overflow, a related issue to CVE-2024-57258.
2025. Feb. 19.
NA - CVE-2024-57262 - In barebox before 2025.01.0,...
In barebox before 2025.01.0, ext4fs_read_symlink has an integer overflow for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a...