32 matches found
Shaarli cross-site scripting vulnerabilities
Shaarli is a set of website cloning tools developed by the Shaarli Community. Versions of Shaarli prior to 0.16.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper handling of malicious tags, which could lead to cross-site scripting attacks...
OPENSUSE-SU-2026:20105-1 Security update for sbctl
This update for sbctl fixes the following issues: Changes in sbctl: - Upgrade the embedded golang.org/x/net to 0.46.0 Fixes: bsc1251399, CVE-2025-47911: various algorithms with quadratic complexity when parsing HTML documents Fixes: bsc1251609, CVE-2025-58190: excessive memory consumption by...
CVE-2025-54389 affecting package aide for versions less than 0.16-17
CVE-2025-54389 affecting package aide for versions less than 0.16-17. A patched version of the package is available...
CVE-2025-54409 affecting package aide for versions less than 0.16-17
CVE-2025-54409 affecting package aide for versions less than 0.16-17. A patched version of the package is available...
EUVD-2008-0004
Malware in sbrugna...
MetaCPAN Net::Dropbear security vulnerability
MetaCPAN Net::Dropbear is a lightweight SSH server and client software from the MetaCPAN Foundation. A security vulnerability exists in MetaCPAN Net::Dropbear version 0.16 and earlier, which stems from the inclusion of a dependency that may be susceptible to an integer overflow...
Boa security vulnerability
Boa is open source code for embedded applications. A security vulnerability exists in Boa versions prior to 0.16 through 0.19.0, which stems from a vulnerability that allows an attacker to trigger a state transition in an AsyncGenerator object via carefully constructed code,...
json-c: Buffer Overflow
Background: json-c is a JSON implementation in C. Description: Please review the CVE identifier referenced below for details. Impact: A stack-buffer-overflow exists in the auxiliary sample program jsonparse which is located in the function parseit. Workaround: There is no known workaround at this tim...
excalidraw security vulnerability
excalidraw is a virtual whiteboard application for hand-drawn sketches. A security vulnerability exists in excalidraw versions prior to 0.16.0 through 0.17.6, which stems from a stored cross-site scripting (XSS) vulnerability in the web embeddable component...
PT-2022-28275 · Tuf · Tuf
Name of the Vulnerable Software and Affected Versions: TUF versions 0.14.0 through 0.15.x Description: The issue concerns the verify root self signed function, which verifies self-signatures in new root metadata files. This function counted multiple signatures by any new root key towards the new...
CVE-2021-36151
In Apache Gobblin, the Hadoop token is written to a temp file that is visible to all local users on Unix-like systems. This affects versions = 0.15.0. Users should update to version 0.16.0 which addresses this issue...
CVE-2021-36152
Apache Gobblin trusts all certificates used for LDAP connections in Gobblin-as-a-Service. This affects versions = 0.15.0. Users should update to version 0.16.0 which addresses this issue...
abd-clam (>=0.10.0-dev0 <=0.12.1), adbc_core (=0.14.0) +285 more potentially affected by unknown CVE via arrow (>=0.16.0 <=5.5.0)
arrow CARGO version =0.16.0, =0.10.0-dev0, =0.6.0, =0.6.0, =0.2.0, =0.4.0, =0.3.0, =0.2.0, =2.0.0, =0.2.0, =0.1.0, =0.2.0 - arrow-graph-core =0.1.0 - arrow-graph-git =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2021-0117...
Qtum Resource Management Error Vulnerability
Qtum is an open source blockchain application platform. A security vulnerability exists in Qtum 0.16 and earlier versions. An attacker can exploit the vulnerability to cause a denial of service...
Service Update 0.16 for Microsoft Dynamics 365 9.0
Service Update 0.16 for Microsoft Dynamics 365 9.0 INTRODUCTION Service Update 9.0.16 for Microsoft Dynamics CRM on-premises 9.0 is now available. This article describes the hotfixes and updates that are included in Service Update 9.0.16. MORE INFORMATION Update package| Version number ---|---...
JDK: Unrestricted access to diagnostic operations
From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks...
BSA-2019-888
Security Advisory ID : BSA-2019-888 Component : Eclipse OpenJ9 Revision : 1.0: Final From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks...
CVE-2018-19151
Qtum up to version 0.16 is affected by a remote denial-of-service through invalid headers/blocks, allowing an attacker to consume disk and RAM without requiring stake. The issue is described consistently across multiple feeds (NVD, Red Hat, OSV, CNVD, CVE records). Affected component: the Qtum ch...