WordPress Montonio for WooCommerce plugin <= 10.1.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Niv Kochan in WordPress Plugin Montonio for WooCommerce versions = 10.1.2...

OESA-2026-2383 trafficserver security update

Apache Traffic Server is an OpenSource HTTP / HTTPS / HTTP/2 / QUIC reverse, forward and transparent proxy and cache. Security Fixes: A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through...

WordPress MonsterInsights – Google Analytics Dashboard for WordPress (Website Stats Made Easy) plugin <= 10.1.2 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure And Plugin Integration Reset vulnerability

Missing Authorization to Authenticated Subscriber+ Sensitive Information Exposure And Plugin Integration Reset vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Google Analytics by Monster Insights versions = 10.1.2...

CVE-2026-5371

The MonsterInsights – Google Analytics Dashboard for WordPress Website Stats Made Easy plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability checks on the getadsaccesstoken and resetexperience functions in all versions up to, and including,...

CVE-2026-5371

The MonsterInsights – Google Analytics Dashboard for WordPress (Website Stats Made Easy) plugin for WordPress is vulnerable through missing capability checks on get_ads_access_token() and reset_experience() in all versions up to 10.1.2. The issue allows authenticated attackers with Subscriber-lev...

Fedora 44 : trafficserver (2026-7839a46d9d)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-7839a46d9d advisory. Resolves: CVE-2025-58136 - A simple legitimate POST request causes a crash CVE-2025-65114 - Malformed chunked message body allows request smuggling...

Fedora 42 : trafficserver (2026-a157bd84c4)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a157bd84c4 advisory. Resolves: CVE-2025-58136 - A simple legitimate POST request causes a crash CVE-2025-65114 - Malformed chunked message body allows request smuggling...

Linux Distros Unpatched Vulnerability : CVE-2025-58136

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 throug...

DEBIAN-CVE-2025-65114

Apache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.12, from 10.0.0 through 10.1.1. Users are recommended to upgrade to version 9.2.13 or 10.1.2, which fix the issue...

UBUNTU-CVE-2025-58136

A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through 9.2.12. Users are recommended to upgrade to version 10.1.2 or 9.2.13, which fix the issue. A workaround for older versions is to...

CVE-2025-65114

Apache Traffic Server is affected by a vulnerability where malformed chunked message bodies enable request smuggling. Affected versions are 9.0.0–9.2.12 and 10.0.0–10.1.1. The issue is mitigated by upgrading to 9.2.13 or 10.1.2, which address the bug. No exploitation details are provided in the d...

CVE-2025-65114 Apache Traffic Server: Malformed chunked message body allows request smuggling

Apache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.12, from 10.0.0 through 10.1.1. Users are recommended to upgrade to version 9.2.13 or 10.1.2, which fix the issue...

CVE-2025-58136

A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through 9.2.12. Users are recommended to upgrade to version 10.1.2 or 9.2.13, which fix the issue. A workaround for older versions is to...

PT-2026-29792

A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through 9.2.12. Users are recommended to upgrade to version 10.1.2 or 9.2.13, which fix the issue. A workaround for older versions is to...

PT-2026-29793

Name of the Vulnerable Software and Affected Versions Apache Traffic Server versions 9.0.0 through 9.2.12 and 10.0.0 through 10.1.1 Description Apache Traffic Server is susceptible to request smuggling when handling malformed chunked messages. This can potentially lead to various security issues...

EUVD-2018-12789

Malware in sbrugna...

EUVD-2021-1955

Malware in sbrugna...

EUVD-2023-42141

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2017-7011

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. The issue involves the WebKit component. It...

Adobe Substance3D 缓冲区错误漏洞

Adobe Substance 3D Designer is a 3D design software from the American company Audobee Adobe. An out-of-bounds write vulnerability exists in Adobe Substance 3D Designer version 10.1.2 and earlier versions, which can be exploited by an attacker to execute arbitrary code in the context of the curren...