27 matches found
VulnCheck KEV: CVE-2026-3965
A security vulnerability has been detected in whyour qinglong up to 2.20.1. Affected is an unknown function of the file back/loaders/express.ts of the component API Interface. The manipulation of the argument command leads to protection mechanism failure. The attack may be initiated remotely. The...
CVE-2026-3965
A security vulnerability has been detected in whyour qinglong up to 2.20.1. Affected is an unknown function of the file back/loaders/express.ts of the component API Interface. The manipulation of the argument command leads to protection mechanism failure. The attack may be initiated remotely. The...
EUVD-2026-11489
A security vulnerability has been detected in whyour qinglong up to 2.20.1. Affected is an unknown function of the file back/loaders/express.ts of the component API Interface. The manipulation of the argument command leads to protection mechanism failure. The attack may be initiated remotely. The...
@whyour/qinglong: manipulation of the argument command leads to protection mechanism failure
A security vulnerability has been detected in whyour qinglong up to 2.20.1. Affected is an unknown function of the file back/loaders/express.ts of the component API Interface. The manipulation of the argument command leads to protection mechanism failure. The attack may be initiated remotely. The...
GHSA-XJ37-QJG2-XWV2 @whyour/qinglong: manipulation of the argument command leads to protection mechanism failure
A security vulnerability has been detected in whyour qinglong up to 2.20.1. Affected is an unknown function of the file back/loaders/express.ts of the component API Interface. The manipulation of the argument command leads to protection mechanism failure. The attack may be initiated remotely. The...
CVE-2026-3965
A security vulnerability has been detected in whyour qinglong up to 2.20.1. Affected is an unknown function of the file back/loaders/express.ts of the component API Interface. The manipulation of the argument command leads to protection mechanism failure. The attack may be initiated remotely. The...
CVE-2026-3965
A security vulnerability has been detected in whyour qinglong up to 2.20.1. Affected is an unknown function of the file back/loaders/express.ts of the component API Interface. The manipulation of the argument command leads to protection mechanism failure. The attack may be initiated remotely. The...
CVE-2026-3965 whyour qinglong API express.ts protection mechanism
A security vulnerability has been detected in whyour qinglong up to 2.20.1. Affected is an unknown function of the file back/loaders/express.ts of the component API Interface. The manipulation of the argument command leads to protection mechanism failure. The attack may be initiated remotely. The...
CVE-2026-3965
A security vulnerability has been detected in whyour qinglong up to 2.20.1. Affected is an unknown function of the file back/loaders/express.ts of the component API Interface. The manipulation of the argument command leads to protection mechanism failure. The attack may be initiated remotely. The...
PT-2026-24896
Name of the Vulnerable Software and Affected Versions whyour qinglong versions through 2.20.1 Description A security issue has been identified in whyour qinglong. The problem resides in an unknown function within the back/loaders/express.ts file of the API Interface component. Manipulation of the...
Improper Handling of Case Sensitivity
Overview @whyour/qinglong is a Timed task management platform supporting Python3, JavaScript, Shell, Typescript Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity. due to the case-sensitive string matching in authentication middleware. A remote attacker can...
Linux Distros Unpatched Vulnerability : CVE-2018-12294
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.2, is vulnerable to a use after free for a...
CVE-2025-50503
A vulnerability in the password reset workflow of the Touch Lebanon Mobile App 2.20.2 allows an attacker to bypass the OTP reset password mechanism. By manipulating the reset process, an unauthorized user may be able to reset the password and gain access to the account without needing to provide ...
CVE-2024-8183
A CORS Cross-Origin Resource Sharing misconfiguration in prefecthq/prefect version 2.20.2 allows unauthorized domains to access sensitive data. This vulnerability can lead to unauthorized access to the database, resulting in potential data leaks, loss of confidentiality, service disruption, and...
Prefect 访问控制错误漏洞
Prefect is a workflow orchestration tool from Prefect Open Source that enables developers to build, observe and react to data pipelines. An access control error vulnerability exists in Prefect version 2.20.2 that stems from a CORS misconfiguration that allows unauthorized domains to access...
Portainer 安全漏洞
Portainer is a lightweight user management interface for managing Docker environments and Docker hosts from Portainer Open Source. A security vulnerability exists in Portainer versions prior to 2.20.2 that stems from incorrect use of a cryptographic algorithm in the AesEncrypt function...
CVE-2024-33662
CVE-2024-33662 affects Portainer and is due to improper use of an encryption algorithm in the AesEncrypt function. The CVE entry indicates a base score of 7.5 (HIGH) with NETWORK attack vector, HIGH impact on confidentiality, integrity, and availability, and requires low privileges with no user i...
CVE-2024-33662
Portainer before 2.20.2 improperly uses an encryption algorithm in the AesEncrypt function...
PT-2024-25421 · Portainer +2 · Portainer +2
Name of the Vulnerable Software and Affected Versions: Portainer versions prior to 2.20.2 Description: The issue is related to the improper use of an encryption algorithm in the AesEncrypt function. This flaw can lead to weak encryption. There is no information provided about the estimated number...
WordPress plugin GiveWP 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...