
44 matches found

CNNVD
added 2026/05/27 12:00 a.m. · 5 views

GitHub Enterprise Server Security Vulnerability

GitHub Enterprise Server is an open-source application developed by GitHub in the United States. It provides a scalable and easy-to-manage platform by allowing users to set their GitHub instances as virtual devices. Prior to version 3.22 of GitHub Enterprise Server, there was a security...

CVSS 9.2 · AI score 5.8 · EPSS 0.00053
Exploits 0 · References 6

Positive Technologies
added 2026/05/27 12:00 a.m. · 10 views

PT-2026-43434

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.22. Description: A server-side request forgery (SSRF) issue exists where an unauthenticated attacker can send crafted requests to internal services due to insufficient input validation in an upload...

CVSS 9.2 · AI score 5.8 · EPSS 0.00053
Exploits 0 · References 15

OSV
added 2026/05/05 6:13 p.m. · 1 view

GHSA-2JF5-6WWV-VHXX Inngest TypeScript SDK exposes environment variables via serve() handler on unhandled HTTP methods

Summary: A vulnerability in the Inngest TypeScript SDK versions 3.22.0 through 3.53.1 allows unauthenticated remote attackers to exfiltrate environment variables from the host process via the serve HTTP handler. The serve handler implements GET, POST, and PUT methods. Requests using PATCH, OPTIONS...

CVSS 8.6 · AI score 5.9 · EPSS 0.00048
Exploits 0 · References 11

vulnersOsv
added 2026/05/05 1:33 p.m. · 5 views

@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.0-beta.7) +12 more potentially affected by CVE-2026-43573 via openclaw (>=2026.3.22 <=2026.4.1)

openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.15.0 - tokaroo-openclaw-provider =0.1.1 Source cves: CVE-2026-43573 Source advisory: SNYK:JS-OPENCLAW-16420267...

CVSS 7.7 · AI score 5.8 · EPSS 0.00031
Exploits 0

OSV
added 2026/03/29 6:59 p.m. · 2 views

ROOT-OS-ALPINE-322-CVE-2025-9820 CVE-2025-9820 in rootio-gnutls - Patched by Root

Root has patched CVE-2025-9820 in the rootio-gnutls package for Root:Alpine:3.22. Multiple fixed versions available...

CVSS 4 · AI score 5.4 · EPSS 0.00018
Exploits 0

OSV
added 2026/03/29 6:59 p.m. · 2 views

ROOT-OS-ALPINE-322-CVE-2025-32988 CVE-2025-32988 in rootio-gnutls - Patched by Root

Root has patched CVE-2025-32988 in the rootio-gnutls package for Root:Alpine:3.22. Multiple fixed versions available...

CVSS 8.2 · AI score 6.8 · EPSS 0.00228
Exploits 0

NVD
added 2026/02/09 7:15 p.m. · 3 views

CVE-2026-24680

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdlPointerNew frees data on failure, then pointerfree calls sdlPointerFree and frees it again, triggering ASan UAF. This vulnerability is fixed in 3.22.0...

CVSS 8.7 · EPSS 0.00022
Exploits 0 · References 2

CNNVD
added 2026/02/09 12:00 a.m. · 2 views

FreeRDP Resource Management Error Vulnerability

FreeRDP is an open-source implementation of the Remote Desktop Protocol (RDP) by the FreeRDP team. Versions of FreeRDP prior to 3.22.0 contained a resource management vulnerability. This vulnerability stemmed from the capture thread using a freed channel callback to send sample responses after the...

CVSS 8.7 · AI score 7.1 · EPSS 0.00022
Exploits 0 · References 3

Positive Technologies
added 2025/11/18 12:00 a.m. · 3 views

PT-2025-47283

Name of the Vulnerable Software and Affected Versions: Photonic Gallery & Lightbox for Flickr, SmugMug & Others plugin for WordPress versions prior to 3.22. Description: The software is susceptible to Stored Cross-Site Scripting through its lightbox functionality. This is due to inadequate input...

CVSS 6.4 · AI score 5.6 · EPSS 0.00032
Exploits 0 · References 5

EUVD
added 2025/10/07 12:30 a.m. · 1 view

EUVD-2006-2582

Malware in sbrugna...

CVSS 5.1 · AI score 6.1 · EPSS 0.07115
Exploits 1 · References 12

RedhatCVE
added 2025/05/22 12:14 p.m. · 7 views

CVE-2012-10010

A vulnerability was found in BestWebSoft Contact Form 3.21. It has been classified as problematic. This affects the function cntctfrmsettingspage of the file contactform.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version...

CVSS 8.8 · AI score 6.9 · EPSS 0.00197
Exploits 0 · References 1

CBLMariner
added 2025/01/12 9:15 a.m. · 144 views

CVE-1999-0475 affecting package procmail 3.22-53

CVE-1999-0475 affecting package procmail 3.22-53. No patch is available currently...

CVSS 1.2 · AI score 6.9 · EPSS 0.00178
Exploits 0

OSV
added 2024/06/15 12:00 a.m. · 9 views

OPENSUSE-SU-2024:10533-1 procmail-3.22-270.9 on GA media

These are all security issues fixed in the procmail-3.22-270.9 package on the GA media of openSUSE Tumbleweed...

CVSS 7.5 · AI score 7.6 · EPSS 0.0982
Exploits 1 · References 1

CNNVD
added 2024/02/21 12:00 a.m. · 1 view

WordPress Plugin Database Reset Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...

CVSS 4.7 · AI score 8.5 · EPSS 0.00311
Exploits 0 · References 4

Vulnrichment
added 2023/09/15 7:40 p.m. · 13 views

CVE-2023-41325 OP-TEE double free in shdr_verify_signature

OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm Cortex-A cores using the TrustZone technology. Starting in version 3.20 and prior to version 3.22, shdr_verify_signature can make a double free. shdr_verify_signature used to verify a TA...

CVSS 7.4 · AI score 7 · EPSS 0.00067
Exploits 1 · References 2

Debian CVE
added 2023/09/15 7:40 p.m. · 12 views

CVE-2023-41325

OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm Cortex-A cores using the TrustZone technology. Starting in version 3.20 and prior to version 3.22, shdr_verify_signature can make a double free. shdr_verify_signature used to verify a TA...

CVSS 7.4 · AI score 6.5 · EPSS 0.00067
Exploits 1

Cvelist
added 2023/09/15 7:40 p.m. · 16 views

CVE-2023-41325 OP-TEE double free in shdr_verify_signature

OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm Cortex-A cores using the TrustZone technology. Starting in version 3.20 and prior to version 3.22, shdr_verify_signature can make a double free. shdr_verify_signature used to verify a TA...

CVSS 7.4 · AI score 7.6 · EPSS 0.00067
Exploits 1 · References 2

Positive Technologies
added 2022/08/09 12:00 a.m. · 2 views

PT-2022-4155 · Schneider Electric · Modicon Quantum/Premium +4

Name of the Vulnerable Software and Affected Versions: Modicon M340 CPU versions V3.40 and prior; Modicon M580 CPU versions V3.22 and prior; Legacy Modicon Quantum/Premium All Versions; Modicon Momentum MDI 171CBU All Versions; Modicon MC80 BMKC80 versions V1.7 and prior. Description: A CWE-191: Integ...

CVSS 7.8 · AI score 7.4 · EPSS 0.00536
Exploits 0 · References 6

CBLMariner
added 2022/04/09 3:40 p.m. · 11 views

CVE-2017-16844 affecting package procmail for versions less than 3.22-53

CVE-2017-16844 affecting package procmail for versions less than 3.22-53. A patched version of the package is available...

CVSS 10 · AI score 9.6 · EPSS 0.2023
Exploits 0

CBLMariner
added 2022/04/09 3:40 p.m. · 10 views

CVE-2017-16844 affecting package procmail for versions less than 3.22-53

CVE-2017-16844 affecting package procmail for versions less than 3.22-53. A patched version of the package is available...

CVSS 10 · AI score 9.6 · EPSS 0.2023
Exploits 0