dzbanek-langflow-base (>=0.6.0 <=0.6.1), langflow-base (>=0.7.0 <=0.8.0rc2) +1 more potentially affected by CVE-2026-0768 via lfx (>=0.1.13 <=0.3.4)

lfx PYPI version =0.1.13, =0.6.0, =0.7.0, =0.8.0rc2 - langflow-nightly =1.8.0.dev24 Source cves: CVE-2026-0768 Source advisory: SNYK:PYTHON-LFX-15091578...

CVE-2022-0768

Server-Side Request Forgery SSRF in GitHub repository rudloff/alltube prior to 3.0.2...

CVE-2026-0768

creationtimestamp| type| source ---|---|--- 2026-01-09 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-26-034/ 2026-01-23 06:40:25+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3md33rdfo322r 2026-01-23 08:46:47+00:00| seen|...

CVE-2014-0768

creationtimestamp| type| source ---|---|--- 2025-09-19 19:48:32+00:00| seen| Telegram/TR5IQBq1h6GOM8rzwen6bkiLCS0aaJd5wLN86E6YGrlLluE...

CVE-2024-0768

The Envo's Elementor Templates & Widgets for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 1.4.4. This is due to missing or incorrect nonce validation on the ajaxthemeactivation function. This makes it possible for unauthenticated...

CVE-2020-0768

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829...

CVE-2024-0768

creationtimestamp| type| source ---|---|--- 2024-03-14 20:57:36+00:00| seen| https://t.me/ctinow/208144...

CVE-2024-0768

CVE-2024-0768 affects Envo’s Elementor Templates & Widgets for WooCommerce for WordPress, with CSRF in the ajax_theme_activation path. It is exploitable by unauthenticated attackers who can trick an administrator into performing an action (activating an arbitrary installed theme). Affected versio...

WordPress Envo's Elementor Templates & Widgets for WooCommerce Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Envo's Elementor Templates & Widgets for WooCommerce Type Plugin Vulnerable versions = 1.4.4 Fixed in 1.4.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-0768 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...

Moderate: Red Hat Security Advisory: libmaxminddb security update

An update for libmaxminddb is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

CVE-2023-0768

CVE-2023-0768 affects the Avirato hotels online booking engine WordPress plugin (

CVE-2023-0768 Avirato hotels online booking engine <= 5.0.5 - Subscriber+ SQLi

The Avirato hotels online booking engine WordPress plugin through 5.0.5 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks...

WordPress Avirato hotels online booking engine Plugin <= 5.0.5 is vulnerable to SQL Injection

Software Avirato hotels online booking engine Type Plugin Vulnerable versions = 5.0.5 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-0768 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 529cd2a74d04 Credits István Márton Required...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:0768-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0768-1 advisory. - A use-after-free read flaw was found in sockgetsockopt in net/core/sock.c due to SOPEERCRED and SOPEERGROUPS race...

CVE-2021-0768

CVE-2021-0768 is listed in the Android 12 security release notes under the Framework category with EoP and High severity. The document does not provide root cause, affected component/version, exploit details, or a specified remediation/patch for this CVE within the provided text.

Server-Side Request Forgery (SSRF) in rudloff/alltube

Impact Releases prior to 3.0.2 are vulnerable to a Server-Side Request Forgery vulnerability that allows an attacker to send a request to an internal hostname. Patches 3.0.2 contains a fix for this vulnerability. The 1.x and 2.x releases are not maintained anymore. Part of the fix requires applyi...

CVE-2022-0768

CVE-2022-0768 describes a Server-Side Request Forgery in the GitHub repository rudloff/alltube, affecting releases prior to 3.0.2. The impact is the ability to send requests to an internal hostname due to the SSRF flaw. The Red Hat, OSV, GitHub advisory entries corroborate this SSRF issue and ind...

CVE-2022-0768 Server-Side Request Forgery (SSRF) in rudloff/alltube

Server-Side Request Forgery SSRF in GitHub repository rudloff/alltube prior to 3.0.2...

CVE-2022-0768 Server-Side Request Forgery (SSRF) in rudloff/alltube

Server-Side Request Forgery SSRF in GitHub repository rudloff/alltube prior to 3.0.2...

Server-Side Request Forgery (SSRF)

Impact Releases prior to 3.0.2 are vulnerable to a Server-Side Request Forgery vulnerability that allows an attacker to send a request to an internal hostname. Patches 3.0.2 contains a fix for this vulnerability. The 1.x and 2.x releases are not maintained anymore. Part of the fix requires applyi...