CVE-2026-39386

Neko is a a self-hosted virtual browser that runs in Docker and uses WebRTC In versions 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1, any authenticated user can immediately obtain full administrative control of the entire Neko instance member management, room settings, broadcast control, session...

CVE-2026-39386

Neko is a a self-hosted virtual browser that runs in Docker and uses WebRTC In versions 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1, any authenticated user can immediately obtain full administrative control of the entire Neko instance member management, room settings, broadcast control, session...

EUVD-2026-10285

A security flaw has been discovered in doramart DoraCMS 3.0.x. Impacted is the function createFileBypath of the file /DoraCMS/server/app/router/api/v1.js. Performing a manipulation results in path traversal. The attack can be initiated remotely. The exploit has been released to the public and may...

EUVD-2026-10284

A vulnerability was identified in doramart DoraCMS 3.0.x. This issue affects some unknown processing of the file /api/v1/mail/send of the component Email API. Such manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit is publicly available and...

CVE-2026-3794

A vulnerability was identified in doramart DoraCMS 3.0.x. This issue affects some unknown processing of the file /api/v1/mail/send of the component Email API. Such manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit is publicly available and...

PT-2026-23999

Name of the Vulnerable Software and Affected Versions doramart DoraCMS versions 3.0.x Description A flaw exists in the processing of the /api/v1/mail/send file within the Email API component. This improper handling results in insufficient authentication. Remote attackers can exploit this issue. T...

CVE-2021-22866

A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval. To exploit this vulnerability, an attacker would need to create a GitHub Ap...

CVE-2011-0544

phpbb 3.0.x-3.0.6 has an XSS vulnerability via the flash BB tag...

EUVD-2006-2019

Malware in sbrugna...

EUVD-2004-1509

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-20165

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as problematic has been found in debug-js debug up to 3.0.x. This affects the function useColors of the file src/node.js. The...

Linux Distros Unpatched Vulnerability : CVE-2022-1473

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The OPENSSLLHflush function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. This functi...

Drupal Bootstrap Site Alert 安全漏洞

Drupal Bootstrap Site Alert is a module plugin in the Drupal content management system for the Drupal community. A security vulnerability exists in Drupal Bootstrap Site Alert versions prior to 1.13.0 and 3.0.x versions prior to 3.0.4, which stems from improper input neutralization and could lead...

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2406)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-45506

A flaw was found in HAProxy. An issue in the HTTP/2 multiplexer combined with the zero-copy forwarding system allows remote attackers to trigger under very rare conditions an endless loop and cause a denial of service. Mitigation Disable the zero-copy forwarding system to mitigate this issue. Add...

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-1921)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-30420

Server-side request forgery SSRF vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12 and Ver.3.0.x series versions prior to Ver.3.0.32. If this vulnerability is exploited, a user with an administrator or higher privilege who can log in to the product may obtain...

CVE-2024-31396

Code injection vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12 and Ver.3.0.x series versions prior to Ver.3.0.32. If this vulnerability is exploited, a user with an administrator or higher privilege who can log in to the product may execute an arbitrary command on...

CVE-2024-31396

Code injection vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12 and Ver.3.0.x series versions prior to Ver.3.0.32. If this vulnerability is exploited, a user with an administrator or higher privilege who can log in to the product may execute an arbitrary command on...

CVE-2024-31395

Cross-site scripting vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12, Ver.3.0.x series versions prior to Ver.3.0.32, Ver.2.11.x series versions prior to Ver.2.11.61, Ver.2.10.x series versions prior to Ver.2.10.53, and Ver.2.9 and earlier versions. If this...