ROOT-OS-ALPINE-320-CVE-2024-37894 CVE-2024-37894 in rootio-squid - Patched by Root
Root has patched CVE-2024-37894 in the rootio-squid package for Root:Alpine:3.20. Multiple fixed versions available...
ROOT-OS-ALPINE-320-CVE-2024-52533 CVE-2024-52533 in rootio-glib - Patched by Root
Root has patched CVE-2024-52533 in the rootio-glib package for Root:Alpine:3.20. Multiple fixed versions available...
ROOT-OS-ALPINE-320-CVE-2024-50383 CVE-2024-50383 in rootio-botan - Patched by Root
Root has patched CVE-2024-50383 in the rootio-botan package for Root:Alpine:3.20. Multiple fixed versions available...
ROOT-OS-ALPINE-320-CVE-2024-50382 CVE-2024-50382 in rootio-botan - Patched by Root
Root has patched CVE-2024-50382 in the rootio-botan package for Root:Alpine:3.20. Multiple fixed versions available...
CVE-2026-3582
An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with a classic personal access token (PAT) lacking the repo scope to retrieve issues and commits from private and internal repositories via the search REST API endpoints. The user...
EUVD-2026-10792
An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allowed DOM-based cross-site scripting via task list content. The task list content extraction logic did not properly re-encode browser-decoded text nodes before rendering, allowing user-supplied HTM...
CVE-2026-2266 Improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allowed cross-site scripting via task list content and enabled arbitrary HTML injection
An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allowed DOM-based cross-site scripting via task list content. The task list content extraction logic did not properly re-encode browser-decoded text nodes before rendering, allowing user-supplied HTM...
CVE-2026-2266
CVE-2026-2266: In GitHub Enterprise Server, there is a DOM-based cross-site scripting vulnerability caused by improper neutralization of input in the task list content rendering. Authenticated users can craft malicious task list items in issues or pull requests to inject user-supplied HTML and e...
CVE-2026-2266
An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allowed DOM-based cross-site scripting via task list content. The task list content extraction logic did not properly re-encode browser-decoded text nodes before rendering, allowing user-supplied HTM...
CVE-2026-28018 WordPress Global Logistics theme <= 3.20 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Global Logistics globallogistics allows PHP Local File Inclusion. This issue affects Global Logistics: from n/a through <= 3.20...
PT-2026-23300
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Global Logistics globallogistics allows PHP Local File Inclusion. This issue affects Global Logistics: from n/a through <= 3.20...
WordPress plugin Global Logistics security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress Global Logistics theme <= 3.20 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) in WordPress Theme Global Logistics versions <= 3.20...
CVE-2026-1355 Missing Authorization Check in GitHub Enterprise Server Allows Unauthorized Uploads to Repository Migration Exports
A Missing Authorization vulnerability was identified in GitHub Enterprise Server that allowed an attacker to upload unauthorized content to another user’s repository migration export due to a missing authorization check in the repository migration upload endpoint. By supplying the migration...
Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.10 for Quarkus 3.20 update is now available (RHBQ 3.20.4.SP1)
An update for Red Hat Build of Apache Camel 4.10 for Quarkus 3.20 is now available (RHBQ 3.20.4.SP1). The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product...
CVE-2024-44636
PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the adminname and aemailid parameters in /admin-profile.php...
CVE-2024-55016
PHPGurukul Student Record Management System 3.20 is vulnerable to SQL Injection via the id and password parameters in login.php...
PT-2025-46959
Name of the Vulnerable Software and Affected Versions: PHPGurukul Student Record System version 3.20. Description: The PHPGurukul Student Record System is affected by a SQL Injection issue. This issue impacts the password-recovery.php script, specifically through the id and emailid parameters...
CVE-2024-44639
PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the sub1, sub2, sub3, sub4, and course-short parameters in add-subject.php...
CVE-2024-44630
Multiple parameters in register.php in PHPGurukul Student Record System 3.20 are vulnerable to SQL injection. These include: c-full, fname, mname, lname, gname, ocp, nation, mobno, email, board1, roll1, pyear1, board2, roll2, pyear2, sub1, marks1, sub2, course-short, income, category, ph, country,...