Cross-site Request Forgery (CSRF)

Overview org.jenkins-ci.plugins:github-pullrequest is a GitHub Integration Plugin for Jenkins. Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF due to not requiring POST requests for an HTTP endpoint. This vulnerability allows attackers to trigger a build for a...

Astra Linux - уязвимость в atftp

In tftpdfile.c in atftp up to 0.7.4, there is a buffer overflow issue due to improper handling of buffer-size parameters, which does not correctly account for combinations of data, OACK, and other options...

EUVD-2026-31042

The Logo Manager For Enamad plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' attribute of the vcenamadnamad, vcenamadshamed, and vcenamadcustom shortcodes in all versions up to, and including, 0.7.4 due to insufficient input sanitization and output escaping on use...

WordPress plugin Logo Manager For Enamad 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The WordPress...

WordPress Logo Manager For Enamad plugin <= 0.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin Logo Manager For Enamad versions = 0.7.4...

CVE-2021-47832

...

CVE-2021-47832

CVE-2021-47832 entry is rejected/not used (duplicate) by the CVE Numbering Authority.

CVE-2021-47832

...

CVE-2023-31873

Gin 0.7.4 allows execution of arbitrary code when a crafted file is opened, e.g., via require'childprocess'...

Relative Path Traversal

Overview @astrojs/internal-helpers is an Internal helpers used by core Astro packages. Affected versions of this package are vulnerable to Relative Path Traversal via the href parameter in the image optimization endpoint during development mode. An attacker can access arbitrary local image files...

EUVD-2020-0287

Malware in sbrugna...

EUVD-2012-3825

Malware in sbrugna...

EUVD-2017-0075

Malware in sbrugna...

EUVD-2007-2809

Malware in sbrugna...

EUVD-2023-36163

Malicious code in bioql PyPI...

EUVD-2025-27403

Malicious code in bioql PyPI...

EUVD-2025-28040

Malicious code in bioql PyPI...

EUVD-2024-51921

Malicious code in bioql PyPI...

CVE-2025-58991

Cross-Site Request Forgery CSRF vulnerability in Cristiano Zanca WooCommerce Booking Bundle Hours allows Stored XSS. This issue affects WooCommerce Booking Bundle Hours: from n/a through 0.7.4...

WordPress WooCommerce Booking Bundle Hours Plugin <= 0.7.4 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WooCommerce Booking Bundle Hours versions = 0.7.4...