18 matches found

SUSE CVE
added 2026/03/25 12:26 a.m. | 2 views

SUSE CVE-2026-27734

Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URL...

CVSS 6.5 | AI score 6 | EPSS 0.00019
Exploits 1 | References 3

ATTACKERKB
added 2026/02/27 7:41 p.m. | 3 views

CVE-2026-27734

Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URL...

CVSS 6.5 | AI score 6 | EPSS 0.00019
Exploits 1 | References 3 | Affected Software 1

Cvelist
added 2026/02/27 7:41 p.m. | 19 views

CVE-2026-27734 Beszel Vulnerable to Docker API Path Traversal via Unsanitized Container ID

Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URL...

CVSS 6.5 | EPSS 0.00019
Exploits 1 | References 2

Vulnrichment
added 2026/02/27 7:41 p.m. | 1 views

CVE-2026-27734 Beszel Vulnerable to Docker API Path Traversal via Unsanitized Container ID

Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URL...

CVSS 6.5 | AI score 6 | EPSS 0.00019
Exploits 1 | References 2

CVE
added 2026/02/27 7:41 p.m. | 10 views

CVE-2026-27734

Beszel is a server monitoring platform. Before v0.18.2, the hub’s authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied container param to the agent without validation. The agent builds Docker Engine API URLs using fmt.Sprintf with ...

CVSS 6.5 | AI score 6 | EPSS 0.00019
Exploits 1 | References 2 | Affected Software 1

OSV
added 2026/02/27 7:41 p.m. | 2 views

CVE-2026-27734 Beszel Vulnerable to Docker API Path Traversal via Unsanitized Container ID

Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URL...

CVSS 6.5 | AI score 6 | EPSS 0.00019
Exploits 1 | References 4

Positive Technologies
added 2026/02/27 12:0 a.m. | 5 views

PT-2026-22382

Name of the Vulnerable Software and Affected Versions: Beszel versions prior to 0.18.2; Beszel versions 0.18.2 through 0.18.3. Description: Beszel is a server monitoring platform. The platform’s authenticated API endpoints, specifically "/api/beszel/containers/logs" and...

CVSS 9.9 | AI score 6 | EPSS 0.07313
Exploits 68 | References 138

EUVD
added 2025/10/07 12:30 a.m. | 10 views

EUVD-2017-1589

Malware in sbrugna...

CVSS 5.4 | AI score 5.5 | EPSS 0.0032
Exploits 1 | References 2

vulnersOsv
added 2023/08/09 2:43 p.m. | 2 views

4337-snap (>=0.1.0 <=0.1.1), @0xpolygonid/snap-example (=1.0.0-beta.9) +322 more potentially affected by CVE-2023-39532 via ses (>=0.18.4 <=0.18.5)

ses NPM version =0.18.4, =0.1.0, =1.0.1-beta.0, =1.0.0, =1.6.3, =0.2.3, =0.2.2, =0.3.3-20230923T000433-dev-63b1fb6.0, =0.4.3-20230923T000433-dev-63b1fb6.0, =0.10.4-20230923T000433-dev-63b1fb6.0, =0.16.3-20230923T000433-dev-63b1fb6.0, =0.10.4-mainnet1B-dev-b0c1f78.0, =0.16.2-mainnet1B-dev-b0c1f78....

CVSS 9.8 | AI score 7.2 | EPSS 0.01798
Exploits 1

vulnersOsv
added 2022/06/27 1:29 p.m. | 2 views

@adabra/ui-libs-grapesjs-mjml (>=0.0.122 <=0.0.139), @ant-extensions/page-maker (>=0.0.1 <=0.0.5) +44 more potentially affected by CVE-2022-21802 via grapesjs (>=0.10.8 <=0.18.4)

grapesjs NPM version =0.10.8, =0.0.122, =0.0.1, =1.0.6, =0.0.12, =2.0.18, =0.8.1-esbuild, =0.0.1, =1.0.3, =0.10.4, =22.0.8, =0.10.4, =0.0.19, =0.1.5, =0.10.17, =1.0.8 and more Source cves: CVE-2022-21802 Source advisory: SNYK:JS-GRAPESJS-2935960...

CVSS 6.1 | AI score 6.3 | EPSS 0.00331
Exploits 0

Mageia
added 2020/04/03 10:53 p.m. | 48 views

Updated dcraw packages fix security vulnerabilities

The updated packages fix security vulnerabilities: There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2. It will lead to a remote denial of service attack (CVE-2017-13735). In LibRaw through 0.18.4, an out of bounds read flaw related to...

CVSS 9.1 | AI score 3.4 | EPSS 0.00689
Exploits 1 | References 2

OpenVAS
added 2018/01/08 12:0 a.m. | 30 views

Debian: Security Advisory (DLA-1228-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 | AI score 8.8 | EPSS 0.00719
Exploits 1 | References 2

CNVD
added 2018/01/04 12:0 a.m. | 3 views

BookStack Cross-Site Scripting Vulnerability

BookStack is an open-source wiki documentation platform built with PHP and Laravel. A cross-site scripting vulnerability exists in BookStack version 0.18.4. A remote attacker can exploit this vulnerability to cause a denial of service and execute JavaScript code...

CVSS 5.4 | AI score 6.5 | EPSS 0.0032
Exploits 1 | References 1

OSV
added 2018/01/03 8:29 p.m. | 8 views

CVE-2017-1000462

BookStack version 0.18.4 is vulnerable to stored cross-site scripting, within the page creation page, which can result in disruption of service and execution of javascript code...

CVSS 5.4 | AI score 5.7
Exploits 0 | References 1

Prion
added 2018/01/03 8:29 p.m. | 14 views

Cross site scripting

BookStack version 0.18.4 is vulnerable to stored cross-site scripting, within the page creation page, which can result in disruption of service and execution of javascript code...

CVSS 3.5 | AI score 5.5 | EPSS 0.0032
Exploits 1 | References 1 | Affected Software 1

Mageia
added 2017/10/05 8:8 p.m. | 38 views

Updated libraw packages fix security vulnerabilities

There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2. It will lead to a remote denial of service attack (CVE-2017-13735). A Stack-based Buffer Overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw before 0.18.3. It cou...

CVSS 9.8 | AI score 4.1 | EPSS 0.01021
Exploits 0 | References 7

CNVD
added 2017/09/21 12:0 a.m. | 1 views

LibRaw Read-Over-Boundary Vulnerability

LibRaw is a C++ library developed by the LibRaw team for processing RAW images in CRW/CR2, NEF, RAF, DNG and other formats. An out-of-bounds read vulnerability exists in the dcraw/dcraw.c file and the internal/dcraw_common.cpp file in LibRaw 0.18.4 and earlier versions. An attacker can exploit this...

CVSS 9.1 | AI score 6.5 | EPSS 0.00316
Exploits 0 | References 1

NVD
added 2017/09/12 7:29 p.m. | 13 views

CVE-2017-14348

LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file...

CVSS 8.8 | AI score 8.5 | EPSS 0.0042
Exploits 0 | References 2