Lucene search

23 matches found

vulnersOsv
added 2025/12/03 4:57 p.m., 4 views

ca.weblite:teavm-lambda-demo-auth (>=0.1.5 <=0.1.6), ca.weblite:teavm-lambda-demo-features (>=0.1.5 <=0.1.6) +221 more potentially affected by CVE-2025-66453 via org.mozilla:rhino (=1.7.15)

org.mozilla:rhino MAVEN version =1.7.15 is affected by a known vulnerability. The following packages have a transitive dependency on org.mozilla:rhino and may be impacted: - ca.weblite:teavm-lambda-demo-auth =0.1.5, =0.1.5, =0.1.5, =0.1.5, =0.1.5, =0.1.5, =0.1.1, =0.1.1, =0.1.4, =1.9.0, =2.43.0,...

CVSS 7.5, AI score 7.4, EPSS 0.00231
Exploits 0
Positive Technologies
added 2025/11/01 12:00 a.m., 2 views

PT-2025-44697

Name of the Vulnerable Software and Affected Versions: WPCOM Member versions prior to 1.7.15. Description: The WPCOM Member plugin for WordPress is susceptible to Local File Inclusion. This issue affects versions up to and including 1.7.14 and is triggered through the action parameter within a...

CVSS 8.8, AI score 7.2, EPSS 0.00474
Exploits 0, References 13
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2020-19773

Malware in sbrugna...

CVSS 5.3, AI score 5.5, EPSS 0.00433
Exploits 0, References 2
OSV
added 2025/08/15 12:39 p.m., 2 views

OESA-2025-1995 cjson security update

cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file. %package devel Summary: Development files for cJSON Requires: = - Requires: pkgconfig %description devel The cjson-devel package contains libraries and header files...

CVSS 2.9, AI score 6.8, EPSS 0.00196
Exploits 1, References 2
SUSE CVE
added 2025/04/23 2:42 a.m., 1 views

SUSE CVE-2023-26819

cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as "a": true, "b": null,9999999999999999999999999999999999999999999999912345678901234567...

CVSS 2.9, AI score 6.8, EPSS 0.00196
Exploits 1, References 4
CNNVD
added 2025/04/19 12:00 a.m., 2 views

cJSON security vulnerability

cJSON is a lightweight, open source JSON parser from the individual developer Dave Gamble. A security vulnerability exists in cJSON version 1.7.15, which stems from a denial of service that can be caused when processing specially crafted JSON documents...

CVSS 2.9, AI score 4.3, EPSS 0.00196
Exploits 1, References 2
Positive Technologies
added 2025/04/19 12:00 a.m., 2 views

PT-2025-17394

Name of the Vulnerable Software and Affected Versions: cJSON version 1.7.15. Description: The issue might allow a denial of service via a crafted JSON document. For example, a document such as "a": true, "b": null,9999999999999999999999999999999999999999999999912345678901234567 could be used...

CVSS 9.8, AI score 5.8, EPSS 0.00668
Exploits 2, References 37
OSV
added 2025/02/03 9:10 a.m., 7 views

SUSE-SU-2025:20091-1 Security update for containerd

This update for containerd fixes the following issues: - Update to containerd v1.7.21. Upstream release notes: https://github.com/containerd/containerd/releases/tag/v1.7.21 Fixes CVE-2023-47108. bsc1217070 Fixes CVE-2023-45142. bsc1228553 - Update to containerd v1.7.17. Upstream release notes:...

CVSS 9.3, AI score 7.3, EPSS 0.91969
Exploits 2, References 10
OSV
added 2024/11/07 9:15 p.m., 0 views

UBUNTU-CVE-2024-10975

Nomad Community and Nomad Enterprise ("Nomad") volume specification is vulnerable to arbitrary cross-namespace volume creation through unauthorized Container Storage Interface (CSI) volume writes. This vulnerability, identified as CVE-2024-10975, is fixed in Nomad Community Edition 1.9.2 and Nomad...

CVSS 7.7, AI score 5.9, EPSS 0.00456
Exploits 0, References 3
Cvelist
added 2024/11/07 9:04 p.m., 19 views

CVE-2024-10975 Nomad Vulnerable To Cross-Namespace Volume Creation Abusing CSI Write Permission

Nomad Community and Nomad Enterprise ("Nomad") volume specification is vulnerable to arbitrary cross-namespace volume creation through unauthorized Container Storage Interface (CSI) volume writes. This vulnerability, identified as CVE-2024-10975, is fixed in Nomad Community Edition 1.9.2 and Nomad...

CVSS 7.7, EPSS 0.00456
Exploits 0, References 1
Patchstack
added 2024/06/06 2:50 a.m., 3 views

WordPress Startklar Elementor Addons plugin <= 1.7.15 - Unauthenticated Path Traversal to Arbitrary Directory Deletion vulnerability

Unauthenticated Path Traversal to Arbitrary Directory Deletion vulnerability discovered by stealthcopter in WordPress Plugin Startklar Elementor Addons versions <= 1.7.15...

CVSS 9.8, AI score 7, EPSS 0.01002
Exploits 0, References 1, Affected Software 1
CNNVD
added 2024/06/06 12:00 a.m., 2 views

WordPress plugin Startklar Elementor Addons security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exist...

CVSS 9.8, AI score 6.7, EPSS 0.01002
Exploits 0, References 3
Positive Technologies
added 2024/05/27 12:00 a.m., 2 views

PT-2024-26893 · Dbt-Core · Dbt-Core

Name of the Vulnerable Software and Affected Versions: dbt-core versions prior to 1.6.15, dbt-core versions prior to 1.7.15, dbt-core versions prior to 1.8.1. Description: The issue arises from binding to INADDR_ANY (0.0.0.0) or IN6ADDR_ANY (::), which exposes the application on all network interfaces,...

CVSS 5.3, AI score 6.8, EPSS 0.0071
Exploits 0, References 16
Positive Technologies
added 2023/11/06 12:00 a.m., 2 views

PT-2023-30239 · WordPress · Slick Popup: Contact Form 7 Popup Plugin

Name of the Vulnerable Software and Affected Versions: Slick Popup: Contact Form 7 Popup Plugin versions prior to 1.7.15. Description: The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin or higher privileges. This vulnerability can be...

CVSS 4.8, AI score 6, EPSS 0.00336
Exploits 0, References 3
CNNVD
added 2021/05/05 12:00 a.m., 8 views

Supsystic WordPress plugin cross-site scripting vulnerability

WordPress is the WordPress Foundation's blogging platform, developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...

CVSS 6.1, AI score 6, EPSS 0.16114
Exploits 5, References 5
OSV
added 2021/01/08 4:15 p.m., 2 views

CVE-2020-27260

Innokas Yhtymä Oy Vital Signs Monitor VC150 prior to Version 1.7.15 HL7 v2.x injection vulnerabilities exist in the affected products that allow physically proximate attackers with a connected barcode reader to inject HL7 v2.x segments into specific HL7 v2.x messages via multiple expected...

CVSS 5.3, AI score 6.1, EPSS 0.00433
Exploits 0, References 1
Prion
added 2021/01/08 4:15 p.m., 17 views

Design/Logic Flaw

Innokas Yhtymä Oy Vital Signs Monitor VC150 prior to Version 1.7.15 HL7 v2.x injection vulnerabilities exist in the affected products that allow physically proximate attackers with a connected barcode reader to inject HL7 v2.x segments into specific HL7 v2.x messages via multiple expected...

CVSS 2.1, AI score 5.5, EPSS 0.00433
Exploits 0, References 1, Affected Software 1
CNNVD
added 2021/01/07 12:00 a.m., 4 views

Innokas Medical Innokas Yhtyma Oy Vital Signs Monitor Cross-Site Scripting Vulnerability

Innokas Medical Innokas Yhtyma Oy Vital Signs Monitor is a monitor from Innokas Medical that measures blood pressure, body temperature, respiratory rate and pulse rate. A cross-site scripting vulnerability exists in Innokas Yhtyma Oy Vital Signs Monitor VC150 prior to Version 1.7.15, which allows...

CVSS 5.4, AI score 6, EPSS 0.00675
Exploits 0, References 3
ICS
added 2021/01/07 12:00 a.m., 58 views

Innokas Yhtymä Oy Vital Signs Monitor

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Innokas Yhtymä Oy Equipment: Vital Signs Monitor VC150 Vulnerabilities: Cross-site Scripting, Improper Neutralization of Special Elements in Output Used by a Downstream Component 2. RISK EVALUATION...

CVSS 5.4, AI score 6, EPSS 0.00675
Exploits 0, References 5
PyPA
added 2019/11/04 9:15 p.m., 4 views

PYSEC-2019-175

An eval vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests...

CVSS 9.8, AI score 7, EPSS 0.0304
Exploits 0, References 10, Affected Software 1