
26 matches found

Tenable Nessus
added 2026/03/06 12:0 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-1605

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed HTTP request, with Content-Encoding:...

CVSS 7.5 · AI score 5.8 · EPSS 0.00033
Exploits 0 · References 3

Positive Technologies
added 2026/03/05 12:0 a.m. · 1 view

PT-2026-23445

Name of the Vulnerable Software and Affected Versions Eclipse Jetty versions 12.0.0 through 12.0.31 Eclipse Jetty versions 12.1.0 through 12.1.5 Description Eclipse Jetty’s GzipHandler class has an issue where a memory leak occurs when processing a compressed HTTP request Content-Encoding: gzip...

CVSS 9.8 · AI score 5.8 · EPSS 0.00038
Exploits 3 · References 124

NVD
added 2025/11/01 4:16 a.m. · 2 views

CVE-2025-11928

The CSS & JavaScript Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 12.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

CVSS 4.4 · EPSS 0.00022
Exploits 0 · References 2

CNNVD
added 2025/11/01 12:0 a.m. · 1 view

WordPress plugin CSS & JavaScript Toolbox Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin.... A cross-site...

CVSS 4.4 · AI score 5.8 · EPSS 0.00022
Exploits 0 · References 3

RedhatCVE
added 2025/10/17 2:52 p.m. · 2 views

CVE-2025-46752

An insertion of sensitive information into log file in Fortinet FortiDLP 12.0.0 through 12.0.5, 11.5.1, 11.4.6, 11.4.5 allows attacker to information disclosure via re-using the enrollment code...

CVSS 4.4 · AI score 6.3 · EPSS 0.00021
Exploits 0 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2022-6031

Malicious code in bioql PyPI...

CVSS 6.1 · AI score 6.2 · EPSS 0.00267
Exploits 0 · References 5

CVE
added 2025/01/09 6:47 p.m. · 45 views

CVE-2024-13241

CVE-2024-13241 affects the Drupal Open Social distribution. Open Social versions 0.0.0 through 12.0.4 contain an improper authorization flaw that enables collecting data from common resource locations, resulting in information disclosure. The vulnerability is tied to the authorization controls in...

CVSS 9.1 · AI score 6.6 · EPSS 0.00429
Exploits 0 · References 1 · Affected Software 1

CNNVD
added 2025/01/09 12:0 a.m. · 1 view

Drupal Security Vulnerability

Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal Open Social prior to version 12.0.5, which stems from the inclusion of an improper authorization vulnerability...

CVSS 9.1 · AI score 6.7 · EPSS 0.00429
Exploits 0 · References 1

Positive Technologies
added 2024/01/24 12:0 a.m. · 2 views

PT-2024-10360 · Drupal · Open Social

Name of the Vulnerable Software and Affected Versions: Open Social versions 0.0.0 through 12.0.4 Description: The issue is related to improper authorization in Drupal Open Social, allowing the collection of data from common resource locations. This can potentially lead to unauthorized access to...

CVSS 9.1 · AI score 7.1 · EPSS 0.00429
Exploits 0 · References 5

Positive Technologies
added 2023/06/13 12:0 a.m. · 2 views

PT-2023-6090 · Adobe · Bridge

Name of the Vulnerable Software and Affected Versions: Adobe Bridge versions 12.0.4 and earlier Adobe Bridge versions 13.0.3 and earlier Description: The issue is related to an out-of-bounds read vulnerability in Adobe Bridge when processing embedded fonts. This could allow an attacker to gain...

CVSS 5.5 · AI score 5.3 · EPSS 0.00022
Exploits 0 · References 7

OSV
added 2022/06/09 12:0 a.m. · 10 views

GHSA-F2G5-426F-353Q Cross-site Scripting in Dolibarr

Dolibarr 12.0.5 is vulnerable to Cross Site Scripting XSS via Sql Error Page...

CVSS 6.1 · AI score 5.9 · EPSS 0.00267
Exploits 0 · References 4

CNVD
added 2022/06/09 12:0 a.m. · 11 views

Dolibarr Cross-Site Scripting Vulnerability (CNVD-2022-71638)

Dolibarr is an ERP/CRM system with plug-and-play modules and a well-established ecosystem with customizations and service providers worldwide. Version 12.0.5 of Dolibarr suffers from a cross-site scripting vulnerability that can be exploited by attackers to cause cross-site scripting XSS attacks...

CVSS 6.1 · AI score 3.3 · EPSS 0.00267
Exploits 0 · References 1

OSV
added 2022/06/08 5:15 p.m. · 8 views

CVE-2022-30875

Dolibarr 12.0.5 is vulnerable to Cross Site Scripting XSS via Sql Error Page...

CVSS 6.1 · AI score 6
Exploits 0 · References 2

UbuntuCve
added 2022/06/08 5:15 p.m. · 42 views

CVE-2022-30875

Dolibarr 12.0.5 is vulnerable to Cross Site Scripting XSS via Sql Error Page...

CVSS 6.1 · AI score 6.3 · EPSS 0.00267
Exploits 0 · References 3

Prion
added 2022/06/08 5:15 p.m. · 12 views

Cross site scripting

Dolibarr 12.0.5 is vulnerable to Cross Site Scripting XSS via Sql Error Page...

CVSS 4.3 · AI score 5.9 · EPSS 0.00267
Exploits 0 · References 2 · Affected Software 1

Cvelist
added 2022/06/08 4:4 p.m. · 9 views

CVE-2022-30875

Dolibarr 12.0.5 is vulnerable to Cross Site Scripting XSS via Sql Error Page...

AI score 6.2 · EPSS 0.00267
Exploits 0 · References 2

Positive Technologies
added 2022/06/08 12:0 a.m. · 3 views

PT-2022-20362 · Dolibarr · Dolibarr

Name of the Vulnerable Software and Affected Versions: Dolibarr version 12.0.5 Description: The issue is related to Cross Site Scripting XSS via the Sql Error Page. This means that an attacker could potentially inject malicious scripts into the website, which would then be executed by the user's...

CVSS 6.1 · AI score 6.3 · EPSS 0.00267
Exploits 0 · References 9

NVD
added 2021/12/10 12:15 a.m. · 18 views

CVE-2021-43803

Next.js is a React framework. In versions of Next.js prior to 12.0.5 or 11.1.3, invalid or malformed URLs could lead to a server crash. In order to be affected by this issue, the deployment must use Next.js versions above 11.1.0 and below 12.0.5, Node.js above 15.0.0, and next start or a custom...

CVSS 7.5 · EPSS 0.02149
Exploits 0 · References 5

AlpineLinux
added 2021/12/09 11:50 p.m. · 45 views

CVE-2021-43803

Next.js is a React framework. In versions of Next.js prior to 12.0.5 or 11.1.3, invalid or malformed URLs could lead to a server crash. In order to be affected by this issue, the deployment must use Next.js versions above 11.1.0 and below 12.0.5, Node.js above 15.0.0, and next start or a custom...

CVSS 7.5 · AI score 7.5 · EPSS 0.02149
Exploits 0

Github Security Blog
added 2021/12/07 9:12 p.m. · 35 views

Unexpected server crash in Next.js.

Next.js is a React framework. In versions of Next.js prior to 12.0.5 or 11.1.3, invalid or malformed URLs could lead to a server crash. In order to be affected by this issue, the deployment must use Next.js versions above 11.1.0 and below 12.0.5, Node.js above 15.0.0, and next start or a custom...

CVSS 7.5 · AI score 7.5 · EPSS 0.02149
Exploits 0 · References 7 · Affected Software 1