CLEANSTART-2026-JW58725 Security fixes for CVE-2025-55190, CVE-2025-55191, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-59537, CVE-2025-59538, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2026-1229, CVE-2026-24051, CVE-2026-25934, ghsa-2v5j-vhc3-9cwm, ghsa-2vgg-9h3w-qbr4, ghsa-2x5j-vhc8-9cwm, ghsa-2xsj-vh29-9cwm, ghsa-3wgm-2mw2-vh5m, ghsa-4x4m-3c2p-qppc, ghsa-6v2p-p543-phr9, ghsa-92cp-5422-2m47, ghsa-93mq-9ffx-83m2, ghsa-f6x5-jh6r-wrfv, ghsa-hj2p-8wj8-pfq4, ghsa-j5w8-q4qc-rx2x, ghsa-mh63-6h87-95cp, ghsa-mw99-9chc-xw7r, ghsa-r6j8-c6r2-37rr applied in versions: 2.13.9-r0, 2.14.20-r0, 3.0.16-r0, 3.0.19-r0, 3.0.22-r0, 3.0.23-r0, 3.0.23-r1, 3.1.4-r0, 3.1.8.-r0, 3.1.9-r4

Multiple security vulnerabilities affect the argo-cd package. These issues are resolved in later releases. See references for individual vulnerability details...

CVE-2026-1890 LeadConnector < 3.0.22 - Unauthenticated Rest Call

The LeadConnector WordPress plugin before 3.0.22 does not have authorization in a REST route, allowing unauthenticated users to call it and overwrite existing data...

CVE-2026-27466 BigBlueButton: Exposed ClamAV port enables Denial of Service

BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, the official documentation for "Server Customization" on Support for ClamAV as presentation file scanner contains instructions that leave a BBB server vulnerable for Denial of Service. The flawed command exposes both...

CVE-2026-27466

BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, the official documentation for "Server Customization" on Support for ClamAV as presentation file scanner contains instructions that leave a BBB server vulnerable for Denial of Service. The flawed command exposes both...

CVE-2026-27466 BigBlueButton: Exposed ClamAV port enables Denial of Service

BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, the official documentation for "Server Customization" on Support for ClamAV as presentation file scanner contains instructions that leave a BBB server vulnerable for Denial of Service. The flawed command exposes both...

PT-2026-21364

BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, the official documentation for "Server Customization" on Support for ClamAV as presentation file scanner contains instructions that leave a BBB server vulnerable for Denial of Service. The flawed command exposes both...

VideoLAN VLC Media Player buffer error vulnerability

VideoLAN VLC Media Player is a free, open-source cross-platform multimedia player developed by the French company VideoLAN. It is also a multimedia framework. This product supports playback of various media types such as files and discs and various audio/video formats such as WMV and MP3. Version...

KLA90830 DoS vulnerability in VLC media player

Denial of service vulnerability was found in VLC media player. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Security Bulletin VLC 3.0.22 Related products VLC-media-player CVE list CVE-2025-51602 warning Solution Update to the latest version Downlo...

PT-2025-54490

Name of the Vulnerable Software and Affected Versions VLC versions prior to 3.0.22-0+deb12u1 VLC versions prior to 3.0.22-0+deb13u1 Description Multiple issues were identified in VLC media player that could lead to a denial of service or potentially allow the execution of arbitrary code when...

PT-2024-19515 · Galerie · Galerie

Name of the Vulnerable Software and Affected Versions: iGalerie version 3.0.22 Description: The issue is related to a reflected cross-site scripting XSS vulnerability. This vulnerability occurs via the Titre Title field in the editing interface. Cross-site scripting XSS is a type of security...

iGalerie 3.0.22 Cross Site Scripting Vulnerability

Exploit Title: iGalerie Version: 3.0.22 - Reflected XSS Exploit Author: tmrswrr Vendor Homepage: https://www.igalerie.org/ Version: 3.0.22 Tested on: https://softaculous.com/demos/iGalerie 1 Go to home page and click edit https://127.0.0.1/iGalerie/ Titre : "sVg/onLy=1 onLoaD=confirm1// 2 Write i...

SUSE CVE-2006-3403

The smdb daemon smbd/service.c in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service memory consumption via a large number of share connection requests...

MGASA-2021-0342 Updated freeradius packages fix security vulnerabilities

Moved logrotate options into specific parts for each log as "global" options will persist past and clobber global options in the main logrotate config bsc1180525. Fixed plaintext password entries in logfiles bsc1184016. The freeradius package has been updated to version 3.0.22, fixing these issue...

Red Hat RESTEasy Code Execution Vulnerability

Red Hat RESTEasy is the United States Red Hat Red Hat, Inc. of a JBoss open source project , which provides a variety of frameworks for building RESTful Web Services and RESTful Java applications . A security vulnerability exists in Red Hat RESTEasy versions 3.0.22 and 3.1.2. A remote attacker...

CVE-2015-1201

Privoxy before 3.0.22 allows remote attackers to cause a denial of service file descriptor consumption via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2015-1201

CVE-2015-1201 affects Privoxy before 3.0.22, enabling remote denial of service via file descriptor consumption. Multiple sources confirm the issue and mention third‑party provenance for the vulnerability details. Affected component: Privoxy proxy server; vulnerability type: DoS via unspecified ve...

CVE-2010-0787

client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file...

Samba < 3.0.22 Local File Permissions Credentials Disclosure

Binary data 3499.prm...