SUSE CVE-2026-43964

Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number...

CVE-2026-43964

Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number...

CVE-2026-43964

Postfix versions affected by CVE-2026-43964 include 3.8.x prior to 3.8.16, 3.9.x prior to 3.9.10, and 3.10.x prior to 3.10.9. The issue is a buffer over-read that can trigger a process crash when handling an enhanced status code that lacks text after the third number. Multiple advisories (OSV, NV...

CVE-2026-43964

Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number...

EUVD-2021-9274

Malicious code in bioql PyPI...

WordPress Easy Form Builder Plugin <= 3.8.15 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Easy Form Builder versions = 3.8.15...

CVE-2024-50514

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saturday Drive Ninja Forms allows Stored XSS.This issue affects Ninja Forms: from n/a through 3.8.16...

CVE-2024-50515

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saturday Drive Ninja Forms allows Stored XSS.This issue affects Ninja Forms: from n/a through 3.8.16...

PT-2024-34290 · Unknown · Ninja Forms

Name of the Vulnerable Software and Affected Versions: Ninja Forms versions 3.8.16 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This means that an attacker can inject maliciou...

WordPress plugin Ninja Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Ninja Forms Plugin <= 3.8.16 is vulnerable to Cross Site Scripting (XSS)

Software Ninja Forms Type Plugin Vulnerable versions = 3.8.16 Fixed in 3.8.18 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50515 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID e2d92f3518fa Credits Hwang Se-yeon Required privilege...

BIT-PYTHON-2022-45061

An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA RFC 3490 decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often...

OPENSUSE-SU-2024:12747-1 python38-3.8.16-5.1 on GA media

These are all security issues fixed in the python38-3.8.16-5.1 package on the GA media of openSUSE Tumbleweed...

Python DoS Vulnerability (Oct 2022) - Linux

Python is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

Python DoS Vulnerability (Oct 2022) - Mac OS X

Python is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

Python <= 3.10.x Buffer Overflow Vulnerability - Linux

Python is prone to a buffer overflow vulnerability in the sha3 module. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

PSF-2022-10 Slow IDNA decoding with large strings

An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA RFC 3490 decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often...

Python Shell Command Injection Vulnerability (bpo-24778) - Linux

Python is prone to a shell command injection vulnerability in the mailcap module. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Python Shell Command Injection Vulnerability (bpo-24778) - Windows

Python is prone to a shell command injection vulnerability in the mailcap module. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2021-34809

Improper neutralization of special elements used in a command 'Command Injection' vulnerability in task management component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to execute arbitrary code via unspecified vectors...