28 matches found
PT-2026-48311
Name of the Vulnerable Software and Affected Versions: Spring Data Commons versions 4.0.0 through 4.0.5; Spring Data Commons versions 3.5.0 through 3.5.11; Spring Data Commons versions 3.4.0 through 3.4.14. Description: Applications may be subject to denial of service through resource exhaustion. This...
ai.ancf.lmos:arc-runner (=0.114.0), ai.ancf.lmos:lmos-operator (>=0.5.0 <=0.6.0) +2251 more potentially affected by CVE-2026-22731 via org.springframework.boot:spring-boot-actuator (>=3.4.0 <=3.5.11)
org.springframework.boot:spring-boot-actuator MAVEN version =3.4.0, =0.5.0, =0.8.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.24, =1.0.27, =1.0.0, =1.0.0, =0.0.1, =0.1.0, =0.8.2 - cc.zzzyu.nacos:nacos-ai =3.1.1 and more Source cves: CVE-2026-22731 Source advisory:...
ch.admin.bit.jeap.jme:jme-spring-boot-integration-test-it (>=1.0.0 <=1.0.1), ch.admin.bit.jeap:jeap-archrepo-instance (>=4.17.0 <=4.22.0) +1065 more potentially affected by CVE-2026-22733 via org.springframework.boot:spring-boot-starter-actuator (>=3.5.0 <=3.5.11)
org.springframework.boot:spring-boot-starter-actuator MAVEN version =3.5.0, =1.0.0, =4.17.0, =4.17.0, =4.17.0, =3.14.0, =3.14.0, =3.14.0, =0.0.1, =0.0.13, =0.0.1, =0.0.1, =2.43.0, =4.14.0, =4.14.0, =4.14.0, =4.18.0 and more Source cves: CVE-2026-22733 Source advisory: OSV:GHSA-MGVC-8Q2H-5PGC...
VMware Spring Boot Security Vulnerability
VMware Spring Boot is an open-source framework developed by VMware, a US-based company. Versions of VMware Spring Boot prior to 4.0.3, 3.5.11, and 3.4.15 contained security vulnerabilities. These vulnerabilities stemmed from applications that required authentication when specific paths were...
WordPress Sober theme <= 3.5.11 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Phat RiO - BlueRock in WordPress Theme Sober versions <= 3.5.11...
CVE-2025-67567
CVE-2025-67567 is a vulnerability in the Sober WordPress theme by uixthemes, affecting Sober up to and including version 3.5.11. It is categorized as Unauthenticated Information Exposure, enabling retrieval of embedded sensitive data. The Wordfence vulnerability report lists Sober (Sober) as affe...
CVE-2025-67567 WordPress Sober theme <= 3.5.11 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in uixthemes Sober sober allows Retrieve Embedded Sensitive Data. This issue affects Sober: from n/a through <= 3.5.11...
EUVD-2025-28703
Malicious code in bioql PyPI...
EUVD-2024-30622
Malicious code in bioql PyPI...
GHSA-36WV-V2QP-V4G4 Apache CXF is vulnerable to DoS attacks as entire files are read into memory and logged
Apache CXF stores large stream based messages as temporary files on the local filesystem. A bug was introduced which means that the entire temporary file is read into memory and then logged. An attacker might be able to exploit this to cause a denial of service attack by causing an out of memory...
CVE-2024-32836
Unrestricted Upload of File with Dangerous Type vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay. This issue affects WP-Lister Lite for eBay: from n/a through <= 3.5.11...
openSUSE 15 Security Update : etcd (openSUSE-SU-2025:0003-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:0003-1 advisory. Update to version 3.5.12: Bump golang.org/x/crypto to v0.17+ to address CVE-2023-48795; test: fix TestHashKVWhenCompacting: ensure all goroutine...
PT-2025-4405
Name of the Vulnerable Software and Affected Versions: iTerm2 versions 3.5.6 through 3.5.10. Description: The issue sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. This can occur for certain it2ssh and SSH Integration...
PT-2024-26903 · Unknown · Reposilite
Name of the Vulnerable Software and Affected Versions: Reposilite versions 3.5.10 through 3.5.11 Description: The issue is related to an Arbitrary File Read vulnerability via path traversal while serving expanded javadoc files. This occurs because the GET /javadoc/repository//raw/ route uses the...
OPENSUSE-SU-2024:13615-1 etcd-3.5.11-1.1 on GA media
These are all security issues fixed in the etcd-3.5.11-1.1 package on the GA media of openSUSE Tumbleweed...
WordPress plugin WP-Lister Lite for eBay Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue...
PT-2024-24911 · Wp · Wp-Lister Lite For Ebay
Name of the Vulnerable Software and Affected Versions: WP-Lister Lite for eBay versions 3.5.11 and earlier Description: The issue is related to an Unrestricted Upload of File with Dangerous Type, which affects the WP Lab WP-Lister Lite for eBay plugin. Recommendations: For WP-Lister Lite for eBay...
WordPress WP-Lister Lite for eBay plugin <= 3.5.11 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin WP-Lister Lite for eBay versions <= 3.5.11...
WordPress WP-Lister Lite for eBay Plugin <= 3.5.11 is vulnerable to Arbitrary File Upload
Software: WP-Lister Lite for eBay; Type: Plugin; Vulnerable versions: <= 3.5.11; Fixed in: 3.6.0; OWASP Top 10: A3: Injection; Classification: Arbitrary File Upload; CVE: CVE-2024-32836; Patch priority: Medium; CVSS severity: Medium 9.1; Developer: WP Lab; PSID: a5bd0e74973d; Credits: Joshua Chan; Required privilege: Shop...