SUSE CVE-2017-18906

An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2, when Single Sign-On OAuth2 is used. An attacker could claim somebody else's account...

CVE-2026-22709

CVE-2026-22709 affects the vm2 Node.js sandbox module prior to 3.10.2. The vulnerability arises because Promise.prototype.then/catch sanitization is incomplete: the globalPromise path isn’t sanitized in lib/setup-sandbox.js, allowing an attacker to escape the sandbox and execute arbitrary code. U...

PT-2026-4821

Name of the Vulnerable Software and Affected Versions vm2 versions prior to 3.10.2 Description vm2 is a Node.js library used to create sandboxed environments for executing untrusted code. A flaw exists in versions prior to 3.10.2 where the sanitization of Promise.prototype.then and...

EUVD-2015-6904

Malware in sbrugna...

EUVD-2024-2609

Malicious code in bioql PyPI...

EUVD-2024-44935

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-20281

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was possible for some users without permission to view other users' full names to do so via the online users block in moodle before 3.10.2, 3.9.5, 3.8.8,...

Linux Distros Unpatched Vulnerability : CVE-2021-20279

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ID number user profile field required additional sanitizing to prevent a stored XSS risk in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17. CVE-2021-20279 Note...

Linux Distros Unpatched Vulnerability : CVE-2025-32776

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to...

CVE-2025-49034 WordPress Funnel Builder by FunnelKit plugin <= 3.10.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aman Funnel Builder by FunnelKit funnel-builder allows SQL Injection.This issue affects Funnel Builder by FunnelKit: from n/a through = 3.10.2...

CVE-2024-3287

The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to unauthorized ld+json description injection due to a missing capability check on the savesettings function in all versions up to, and including, 3.10.2. This makes it possible for unauthenticate...

CVE-2025-2203

The FunnelKit WordPress plugin before 3.10.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...

CVE-2025-32776

OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the matrixcustomframe file, an attacker can cause the custom kernel driver to read more bytes than provided by user space. This data will...

DEBIAN-CVE-2025-32776

OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the matrixcustomframe file, an attacker can cause the custom kernel driver to read more bytes than provided by user space. This data will...

CVE-2025-32776

OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the matrixcustomframe file, an attacker can cause the custom kernel driver to read more bytes than provided by user space. This data will...

UBUNTU-CVE-2025-32776

OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the matrixcustomframe file, an attacker can cause the custom kernel driver to read more bytes than provided by user space. This data will...

CVE-2025-32776 OpenRazer Vulnerable to Out of Bounds Read

OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the matrixcustomframe file, an attacker can cause the custom kernel driver to read more bytes than provided by user space. This data will...

CVE-2025-32776

OpenRazer is affected by CVE-2025-32776 where writing specially crafted data to /matrix_custom_frame can cause the kernel driver to read more bytes than provided by userspace, with the extra data ending up in RGB arguments sent to the USB device. This is an out-of-bounds read in the OpenRazer dri...

PYSEC-2025-117

Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. NOTE: the Supplier indicates that the report is invalid and could not be reproduced...

PT-2025-15282 · Gdal +1 · Gdal +1

Name of the Vulnerable Software and Affected Versions: gdal version 3.10.2 Description: The issue is a Buffer Overflow vulnerability that allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. Recommendations: For gdal version 3.10.2, as a temporary...