CVE-2024-58041

Smolder versions through 1.51 for Perl uses insecure rand function for cryptographic functions. Smolder 1.51 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically Smolder::DB::Developer uses t...

Smolder 安全漏洞

Smolder is a smoke testing report platform developed by WONKO’s individual developers. Versions of Smolder 1.51 and earlier contain security vulnerabilities. These vulnerabilities stem from the use of the insecure rand function as the default entropy source in encryption functions, which may lead...

TorrentRockYou Torrent 3GP Converter 安全漏洞

TorrentRockYou Torrent 3GP Converter is a video format conversion tool developed by TorrentRockYou Corporation. Version 1.51 of TorrentRockYou Torrent 3GP Converter has a security vulnerability; this vulnerability stems from a stack buffer overflow, which may allow for the execution of arbitrary...

TorrentRockYou Torrent FLV Converter 安全漏洞

TorrentRockYou Torrent FLV Converter is a video format conversion tool developed by TorrentRockYou Inc. Version 1.51 Build 117 of TorrentRockYou Torrent FLV Converter has a security vulnerability. This vulnerability stems from a stack buffer overflow, which may allow for the execution of arbitrar...

MiracleLinux 8 : xmlrpc-c-1.51.0-11.el8_10 (AXSA:2025-9874:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9874:01 advisory. libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat CVE-2024-8176 Tenable has extracted the preceding description block directly...

EUVD-2025-37419

The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'saswptinymultiplefaq' shortcode in all versions up to, and including, 1.51 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...

CVE-2025-11502 Schema & Structured Data for WP & AMP <= 1.51 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'saswptinymultiplefaq' shortcode in all versions up to, and including, 1.51 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...

PT-2025-44708

Name of the Vulnerable Software and Affected Versions Schema & Structured Data for WP & AMP plugin for WordPress versions through 1.51 Description The Schema & Structured Data for WP & AMP plugin for WordPress has a Stored Cross-Site Scripting issue related to the 'saswp tiny multiple faq'...

EUVD-2024-29956

Malicious code in bioql PyPI...

EUVD-2023-37378

Malicious code in bioql PyPI...

CVE-2024-55604

Appsmith is a platform to build admin panels, internal tools, and dashboards. Users invited as "App Viewer" should not have access to development information of a workspace. Datasources are such a component in a workspace. Yet, in versions of Appsmith prior to 1.51, app viewers are able to get a...

CVE-2024-55965

An issue was discovered in Appsmith before 1.51. Users invited as "App Viewer" incorrectly have access to development information of a workspace specifically, a list of datasources in a workspace they're a member of. This information disclosure does not expose sensitive data in the datasources,...

Appsmith 安全漏洞

Appsmith is an open source platform for building, deploying, and maintaining internal applications from Appsmith Open Source. A security vulnerability exists in Appsmith versions prior to 1.51 that stems from improper access control and could lead to information disclosure...

CVE-2024-55965

An issue was discovered in Appsmith before 1.51. Users invited as "App Viewer" incorrectly have access to development information of a workspace specifically, a list of datasources in a workspace they're a member of. This information disclosure does not expose sensitive data in the datasources,...

CVE-2024-55604

Appsmith is a platform to build admin panels, internal tools, and dashboards. Users invited as "App Viewer" should not have access to development information of a workspace. Datasources are such a component in a workspace. Yet, in versions of Appsmith prior to 1.51, app viewers are able to get a...

CVE-2024-55604 Appsmith's Broken Access Control Allows Viewer Role User to Query Datasources

Appsmith is a platform to build admin panels, internal tools, and dashboards. Users invited as "App Viewer" should not have access to development information of a workspace. Datasources are such a component in a workspace. Yet, in versions of Appsmith prior to 1.51, app viewers are able to get a...

CVE-2024-55604

Appsmith prior to v1.51 contains an access-control flaw where users invited as an App Viewer can query the list of datasources in a workspace they belong to. The underlying issue is restricted to development information exposure, not the actual credentials; no sensitive data in datasources is rep...

CVE-2024-55604 Appsmith's Broken Access Control Allows Viewer Role User to Query Datasources

Appsmith is a platform to build admin panels, internal tools, and dashboards. Users invited as "App Viewer" should not have access to development information of a workspace. Datasources are such a component in a workspace. Yet, in versions of Appsmith prior to 1.51, app viewers are able to get a...

PT-2025-12805 · Appsmith · Appsmith

Name of the Vulnerable Software and Affected Versions: Appsmith versions prior to 1.51 Description: The issue concerns an information disclosure where users invited as "App Viewer" can access development information of a workspace, specifically getting a list of datasources. This does not expose...

CVE-2024-32135

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPZest Disable Comments | WPZest.This issue affects Disable Comments | WPZest: from n/a through 1.51...