45 matches found
OPENSUSE-SU-2026:10444-1 traefik-3.6.12-1.1 on GA media
These are all security issues fixed in the traefik-3.6.12-1.1 package on the GA media of openSUSE Tumbleweed...
BIT-ARGO-WORKFLOWS-2025-62156 argo-workflows Zip Slip path traversal allows arbitrary file write and container configuration overwrite
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 contain a Zip Slip path traversal vulnerability in artifact extraction. During artifact extraction the unpack/untar logic...
CVE-2025-62156
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 contain a Zip Slip path traversal vulnerability in artifact extraction. During artifact extraction the unpack/untar logic...
CVE-2025-62157
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Argo Workflows versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 expose artifact repository credentials in plaintext in workflow-controller pod logs. An attacker with permissio...
CVE-2025-62157
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Argo Workflows versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 expose artifact repository credentials in plaintext in workflow-controller pod logs. An attacker with permissio...
CVE-2025-62157 Argo Workflows exposes artifact repository credentials in workflow-controller logs
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Argo Workflows versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 expose artifact repository credentials in plaintext in workflow-controller pod logs. An attacker with permissio...
CVE-2025-62156 argo-workflows Zip Slip path traversal allows arbitrary file write and container configuration overwrite
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 contain a Zip Slip path traversal vulnerability in artifact extraction. During artifact extraction the unpack/untar logic...
CVE-2025-62156 argo-workflows Zip Slip path traversal allows arbitrary file write and container configuration overwrite
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 contain a Zip Slip path traversal vulnerability in artifact extraction. During artifact extraction the unpack/untar logic...
PT-2025-41938
Name of the Vulnerable Software and Affected Versions Argo Workflows versions prior to 3.6.12 Argo Workflows versions 3.7.0 through 3.7.2 Description Argo Workflows is a container-native workflow engine for Kubernetes. Versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 expose artifact...
PT-2025-41937
Name of the Vulnerable Software and Affected Versions Argo Workflows versions prior to 3.6.12 Argo Workflows versions 3.7.0 through 3.7.2 Description Argo Workflows, a container-native workflow engine for Kubernetes, contains a Zip Slip path traversal issue during artifact extraction. The...
CVE-2019-10765
iobroker.admin before 3.6.12 allows attacker to include file contents from outside the /log/file1/ directory...
CVE-2024-54213 WordPress WordPress Page Builder – Zion Builder plugin <= 3.6.12 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in zionbuilder.io WordPress Page Builder – Zion Builder allows Stored XSS.This issue affects WordPress Page Builder – Zion Builder: from n/a through 3.6.12...
CVE-2024-54213 WordPress WordPress Page Builder – Zion Builder plugin <= 3.6.16 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zionbuilder ZionBuilder zionbuilder allows Stored XSS.This issue affects ZionBuilder: from n/a through = 3.6.16...
PT-2024-36091 · WordPress · Wordpress Page Builder – Zion Builder
Name of the Vulnerable Software and Affected Versions: WordPress Page Builder – Zion Builder versions 3.6.12 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS, where an...
VulnCheck KEV: CVE-2013-0213
The Samba Web Administration Tool SWAT in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to conduct clickjacking attacks via a 1 FRAME or 2 IFRAME element...
phplist 安全漏洞
phplist is a suite of open source newsletter and email marketing software from UK-based phplist. A security vulnerability exists in phplist version 3.6.12, which stems from the presence of an access error that allows manipulation and editing of the system super administrator's data, which could...
GHSA-9Q9M-C65C-37PQ Reportlab vulnerable to remote code execution
Reportlab up to and including v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file...
CVE-2023-33733
Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file...
UBUNTU-CVE-2023-33733
Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file...
PT-2023-3430 · Wireshark +4 · Wireshark +4
Name of the Vulnerable Software and Affected Versions: Wireshark versions 3.6.0 through 3.6.12 Wireshark versions 4.0.0 through 4.0.4 Description: The issue is related to a large loop in the LISP dissector of Wireshark, which can lead to a denial of service via packet injection or crafted capture...