81 matches found

RedhatCVE
added 2026/03/27 2:25 p.m. | 3 views

CVE-2021-27371

The Contact page in Monica 2.19.1 allows stored XSS via the Description field...

CVSS 5.4 | AI score 5.6 | EPSS 0.00172
Exploits 1 | References 1
Vulnrichment
added 2026/01/23 11:1 p.m. | 2 views

CVE-2026-24127 Typemill has Reflected XSS via login error view template

Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template login.twig of versions 2.19.1 and below. The username value can be echoed back without proper contextual encoding when...

CVSS 5.4 | AI score 5.9 | EPSS 0.00107
Exploits 1 | References 3
CVE
added 2026/01/23 11:1 p.m. | 6 views

CVE-2026-24127

CVE-2026-24127 pertains to Typemill, a flat-file CMS. A reflected XSS vulnerability exists in the login error view template login.twig affecting versions 2.19.1 and earlier, where the username value is echoed back without proper contextual encoding during failed authentication. This could allow a...

CVSS 6.1 | AI score 5.5 | EPSS 0.00107
Exploits 1 | References 3 | Affected Software 1
Positive Technologies
added 2026/01/23 12:0 a.m. | 2 views

PT-2026-4535

Name of the Vulnerable Software and Affected Versions: Typemill versions 2.19.1 and below. Description: Typemill is a flat-file, Markdown-based CMS for informational documentation websites. A reflected Cross-Site Scripting (XSS) issue exists in the login error view template login.twig. The username...

CVSS 6.1 | AI score 5.5 | EPSS 0.00107
Exploits 1 | References 9
RedhatCVE
added 2025/12/10 4:9 p.m. | 2 views

CVE-2025-5471

Uncontrolled Search Path Element vulnerability in Yandex Telemost on MacOS allows Search Order Hijacking. This issue affects Telemost: before 2.19.1...

CVSS 8.8 | AI score 7 | EPSS 0.00018
Exploits 0 | References 1
EUVD
added 2025/12/09 6:30 p.m. | 3 views

EUVD-2025-202299

Uncontrolled Search Path Element vulnerability in Yandex Telemost on MacOS allows Search Order Hijacking. This issue affects Telemost: before 2.19.1...

CVSS 8.8 | AI score 6.5 | EPSS 0.00018
Exploits 0 | References 2
Vulnrichment
added 2025/12/09 3:53 p.m. | 3 views

CVE-2025-5471 Dylib Hijacking in Yandex Telemost

Uncontrolled Search Path Element vulnerability in Yandex Telemost on MacOS allows Search Order Hijacking. This issue affects Telemost: before 2.19.1...

CVSS 8.8 | AI score 6.6 | EPSS 0.00018
Exploits 0 | References 1
CVE
added 2025/12/09 3:53 p.m. | 6 views

CVE-2025-5471

CVE-2025-5471 affects Yandex Telemost on macOS, before version 2.19.1. The root cause is an uncontrolled Search Path Element, enabling search-order hijacking (dylib hijacking). Impact per sources is high on confidentiality, integrity, and availability when a malicious library is loaded via a mani...

CVSS 8.8 | AI score 6.6 | EPSS 0.00018
Exploits 0 | References 1 | Affected Software 1
Positive Technologies
added 2025/12/09 12:0 a.m. | 1 view

PT-2025-50090

Name of the Vulnerable Software and Affected Versions: Yandex Telemost versions prior to 2.19.1. Description: An uncontrolled search path element issue exists in Yandex Telemost on MacOS, enabling search order hijacking. This allows an attacker to potentially manipulate the system's search path to...

CVSS 8.8 | AI score 6.6 | EPSS 0.00018
Exploits 0 | References 3
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2020-23323

Malware in sbrugna...

CVSS 5.4 | AI score 5.5 | EPSS 0.00263
Exploits 1 | References 4
EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2021-14129

Malware in sbrugna...

CVSS 5.4 | AI score 5.5 | EPSS 0.00172
Exploits 1 | References 3
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2021-14126

Malware in sbrugna...

CVSS 5.4 | AI score 5.5 | EPSS 0.00191
Exploits 1 | References 3
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2021-14128

Malware in sbrugna...

CVSS 5.4 | AI score 5.4 | EPSS 0.00297
Exploits 4 | References 6
Oracle linux
added 2025/08/22 12:0 a.m. | 4 views

pki-deps:10.6 security update

apache-commons-collections apache-commons-lang apache-commons-net bea-stax fasterxml-oss-parent 69-1 - Rebase to version 69 - Resolves: RHEL-103106 glassfish-fastinfoset glassfish-jaxb glassfish-jaxb-api jackson-annotations 2.19.1-1 - Rebase to upstream version 2.19.1 - Resolves: RHEL-103106...

CVSS 8.7 | AI score 7.4 | EPSS 0.00252
Exploits 0
Tenable Nessus
added 2025/08/20 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2022-23516

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah >= 2.2.0, < 2.19.1 uses recursion...

CVSS 7.5 | AI score 6.6 | EPSS 0.00046
Exploits 0 | References 2
RedHat Linux
added 2025/04/28 12:20 a.m. | 0 views

artemis-commons: Apache ActiveMQ Artemis DoS

In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory...

CVSS 7.5 | AI score 5.8 | EPSS 0.02409
Exploits 1 | References 5
OSV
added 2025/02/12 6:16 p.m. | 6 views

CVE-2025-25205 Remote Authentication-Bypass can lead to server crash or limited information disclosure due to faulty pattern matching

Audiobookshelf is a self-hosted audiobook and podcast server. Starting in version 2.17.0 and prior to version 2.19.1, a flaw in the authentication bypass logic allows unauthenticated requests to match certain unanchored regex patterns in the URL. Attackers can craft URLs containing substrings lik...

CVSS 8.2 | AI score 6.7 | EPSS 0.00625
Exploits 1 | References 7
CVE
added 2025/02/12 6:16 p.m. | 102 views

CVE-2025-25205

CVE-2025-25205 affects Audiobookshelf (self-hosted server) versions 2.17.0 through 2.19.0. A flaw in the authentication bypass logic allows unauthenticated requests to match certain unanchored URL-regex patterns (e.g., r=/api/items/1/cover), enabling partial bypass of authentication and, on some ...

CVSS 8.2 | AI score 8.3 | EPSS 0.00625
Exploits 1 | References 5 | Affected Software 1
Vulnrichment
added 2025/02/12 6:16 p.m. | 16 views

CVE-2025-25205 Remote Authentication-Bypass can lead to server crash or limited information disclosure due to faulty pattern matching

Audiobookshelf is a self-hosted audiobook and podcast server. Starting in version 2.17.0 and prior to version 2.19.1, a flaw in the authentication bypass logic allows unauthenticated requests to match certain unanchored regex patterns in the URL. Attackers can craft URLs containing substrings lik...

CVSS 8.2 | AI score 8.3 | EPSS 0.00625
Exploits 1 | References 5
NVD
added 2024/04/26 1:15 a.m. | 9 views

CVE-2024-33665

angular-translate through 2.19.1 allows XSS via a crafted key that is used by the translate directive. NOTE: the vendor indicates that there is no documentation indicating that a key is supposed to be safe against XSS attacks...

CVSS 6.1 | AI score 5.5 | EPSS 0.00221
Exploits 0 | References 4