active threads vulnerabilities and exploits

(subscribe to this query)

In the Active Threads Plugin 1.3.0 for MyBB, the activethreads.php date parameter is vulnerable to XSS when setting a time period.

Mybb Active Threads 1.3.0

A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due t...

* Https //github.com/curl/curl Haxx Libcurl 7.88.0 Haxx Libcurl 7.88.1 Netapp Active Iq Unified Manager -Netapp Clustered Data Ontap 9.0 Broadcom Brocade Fabric Operating System Firmware -Netapp H300s Firmware -Netapp H500s Firmware -Netapp H700s Firmware -Netapp H410s Firmware -Splunk Universal Forwarder Splunk Universal Forwarder 9.1.0

1 Github repository

A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an malicious user to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an ma...

* Https //github.com/curl/curl Haxx Curl Fedoraproject Fedora 36 Netapp Active Iq Unified Manager -Netapp Clustered Data Ontap 9.0 Netapp H300s Firmware -Netapp H500s Firmware -Netapp H700s Firmware -Netapp H410s Firmware -Splunk Universal Forwarder Splunk Universal Forwarder 9.1.0

A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's h...

* Https //github.com/curl/curl Haxx Curl Fedoraproject Fedora 36 Netapp Active Iq Unified Manager -Broadcom Brocade Fabric Operating System Firmware -Netapp H300s Firmware -Netapp H500s Firmware -Netapp H700s Firmware -Netapp H410s Firmware -Splunk Universal Forwarder Splunk Universal Forwarder 9.1.0

An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current set...

* Https //github.com/curl/curl Haxx Libcurl Fedoraproject Fedora 36 Debian Debian Linux 10.0 Netapp Active Iq Unified Manager -Netapp Ontap 9 -Netapp H300s Firmware -Netapp H500s Firmware -Netapp H700s Firmware -Netapp H410s Firmware -Splunk Universal Forwarder Splunk Universal Forwarder 9.1.0

An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability aff...

* Https //github.com/curl/curl Haxx Libcurl Fedoraproject Fedora 36 Debian Debian Linux 10.0 Netapp Active Iq Unified Manager -Netapp H300s Firmware -Netapp H500s Firmware -Netapp H700s Firmware -Netapp H410s Firmware -Netapp Ontap 9 Splunk Universal Forwarder Splunk Universal Forwarder 9.1.0

An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse t...

* Https //github.com/curl/curl Haxx Libcurl Fedoraproject Fedora 36 Debian Debian Linux 10.0 Netapp Active Iq Unified Manager -Netapp Clustered Data Ontap 9.0 Broadcom Brocade Fabric Operating System Firmware -Netapp H300s Firmware -Netapp H500s Firmware -Netapp H700s Firmware -Netapp H410s Firmware -Splunk Universal Forwarder

Mishandling of guest SSBD selection on AMD hardware The current logic to set SSBD on AMD Family 17h and Hygon Family 18h processors requires that the setting of SSBD is coordinated at a core level, as the setting is shared between threads. Logic was introduced to keep track of ho...

Xen Xen Xen Xen 4.17

Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software allow malicious users to crash the system by creating an arbitrarily large number of active VR service threads. The Samsung ID is SVE-2016-7650.

Samsung Samsung Mobile 4.4 Samsung Samsung Mobile 5.0 Samsung Samsung Mobile 5.1 Samsung Samsung Mobile 6.0

Wagtail is a Django based content management system focused on flexibility and user experience. When notifications for new replies in comment threads are sent, they are sent to all users who have replied or commented anywhere on the site, rather than only in the relevant threads....

Wagtail Wagtail Torchbox Wagtail

1 2 3 4 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook