79 matches found
UBUNTU-CVE-2026-39087
ntfy before 2.22.0 allows SSRF because of an unanchored regular expression...
PT-2026-34669
Name of the Vulnerable Software and Affected Versions: ntfy.sh versions prior to 2.21 Description: A remote attacker can execute arbitrary code through the parseActions function. Recommendations: Update to version 2.21 or later. As a temporary workaround, consider restricting access to the...
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4381 more potentially affected by CVE-2026-2492 via tensorflow (>=2.0.0 <=2.21.0)
tensorflow PYPI version =2.0.0, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =1.0.0, =0.0.1, =0.2.0, =0.6.0, =0.1.0, =0.1.0, =0.2.0 - academic-emotion =0.1.2 and more Source cves: CVE-2026-2492 Source advisory: SNYK:PYTHON-TENSORFLOW-15325644...
PT-2026-20498
IPFire 2.21 Core Update 127 contains a reflected cross-site scripting vulnerability in the updatexlrator.cgi script that allows attackers to inject malicious scripts through POST parameters. Attackers can submit crafted requests with script payloads in the MAX DISK USAGE or MAX DOWNLOAD RATE...
Halo CMS Security Vulnerability
Halo CMS is a blog and content management system from China-based Lingxia Halo. A security vulnerability exists in Halo CMS version 2.21, which originates from unauthenticated user input in the Thumbnail via-uri endpoint and could lead to a server-side request forgery attack...
Linux Distros Unpatched Vulnerability : CVE-2020-17353
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x through 2.21.4, when -dsafe is used, lacks restrictions on embedded-ps and embedded-svg, ...
[SECURITY] Fedora 40 Update: iwd-2.21-1.fc40
The daemon and utilities for controlling and configuring the Wi-Fi network hardware...
BIT-GIT-2020-5260 malicious URLs may cause Git to present stored credentials to the wrong server
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system...
WordPress Seraphinite Accelerator Plugin <= 2.20.52 is vulnerable to Server Side Request Forgery (SSRF)
Software: Seraphinite Accelerator; Type: Plugin; Vulnerable versions: <= 2.20.52; Fixed in: 2.21; OWASP Top 10: A1: Broken Access Control; Classification: Server Side Request Forgery (SSRF); CVE: CVE-2024-1568; Patch priority: Medium; CVSS severity: Medium (6.4); PSID: 699713e041d9; Credits: Luci...
Debian dla-3520 : libhtmlcleaner-java - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3520 advisory. Debian LTS Advisory DLA-3520-1 https://www.debian.org/lts/security/...
WordPress Schedulicity Plugin <= 2.21 is vulnerable to Cross Site Scripting (XSS)
Software: Schedulicity; Type: Plugin; Vulnerable versions: <= 2.21; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-0491; Patch priority: Medium; CVSS severity: Medium (6.5); PSID: 4c22e6c6bae0; Credits: Lana Codes; Required...
K13255123: glibc vulnerability CVE-2017-18269
Security Advisory Description: An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of t...
SUSE CVE-2005-0876
Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers to execute arbitrary code via the DHCP lease file...
CVE-2022-46832
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version 2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmwa...
CVE-2022-46833
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the...
PT-2022-27991 · Sick · Sick Rfu63X
Name of the Vulnerable Software and Affected Versions: SICK RFU63x firmware versions prior to 2.21 Description: The issue is related to the use of a broken or risky cryptographic algorithm, allowing a low-privileged remote attacker to decrypt encrypted data if weak cipher suites are used for...
PT-2022-27990 · Sick · Sick Rfu62X
Name of the Vulnerable Software and Affected Versions: SICK RFU62x firmware versions prior to 2.21 Description: The issue is related to the use of a broken or risky cryptographic algorithm, allowing a low-privileged remote attacker to decrypt encrypted data if weak cipher suites are used for...
PT-2022-27992 · Sick · Sick Rfu65X
Name of the Vulnerable Software and Affected Versions: SICK RFU65x firmware versions prior to 2.21 Description: The issue is related to the use of a broken or risky cryptographic algorithm, allowing a low-privileged remote attacker to decrypt encrypted data if weak cipher suites are used for...
CVE-2020-19204
An authenticated Stored Cross-Site Scripting (XSS) vulnerability exists in Lightning Wire Labs IPFire 2.21 (x86_64) - Core Update 130 in the "routing.cgi" Routing Table Entries via the "Remark" text box or "remark" parameter. It allows an authenticated WebGUI user to execute Stored Cross-site Scripti...