23 matches found
ROOT-APP-NPM-CVE-2026-33938 CVE-2026-33938 in @rootio/handlebars - Patched by Root
Root has patched CVE-2026-33938 in the @rootio/handlebars package for Root:npm. Multiple fixed versions available...
CVE-2026-33938
creationtimestamp | type | source
---|---|---
2026-03-27 18:20:44+00:00 | published-proof-of-concept | https://github.com/advisories/GHSA-3mfm-83xf-c92r
2026-03-27 21:38:30+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mi33d7jqdq2s
2026-03-27 22:25:00+00:00 | seen | ...
4coders-commons (>=0.0.1 <=0.0.2), @11ty/eleventy (=0.3.3) +3647 more potentially affected by CVE-2026-33938 via handlebars (>=4.0.0 <=4.7.8)
handlebars NPM version =4.0.0, =0.0.1, =0.1.0, =0.1.0, =0.0.11, =0.0.52, =0.1.0, =0.0.72, =0.1.0, =1.1.1, =0.0.0-3b548b7bf6ff6554f724240da3a11be924237e6c, =1.16.0, =1.16.0, =1.16.0, =2.4.4 and more Source cves: CVE-2026-33938 Source advisory: OSV:GHSA-3MFM-83XF-C92R...
EUVD-2022-33938
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-33938
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service...
CVE-2024-33938
Missing Authorization vulnerability in codename065 Sliding Widgets allows Cross-Site Scripting XSS. This issue affects Sliding Widgets: from n/a through 1.5.0...
CVE-2023-33938
Cross-site scripting XSS vulnerability in the App Builder module's custom object details page in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before update 14 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into an App Builder custom object...
WordPress Sliding Widgets Plugin <= 1.5.0 is vulnerable to Broken Access Control
Software Sliding Widgets Type Plugin Vulnerable versions = 1.5.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-33938 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID cd992f831fdc Credits Dimas Maulana Required...
CVE-2023-33938
CVE-2023-33938 is a documented XSS vulnerability in the App Builder module of Liferay Portal/DXP (affecting Liferay Portal 7.3.0–7.4.0 and Liferay DXP 7.3 prior to update 14). The flaw occurs on the App Builder custom object details page, where an attacker can inject arbitrary web script or HTML ...
NewStart CGSL MAIN 6.02 : libsolv Multiple Vulnerabilities (NS-SA-2022-0092)
The remote NewStart CGSL host, running version MAIN 6.02, has libsolv packages installed that are affected by multiple vulnerabilities: - Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. CVE-2021-33928 ...
CVE-2022-33938
The CVE-2022-33938 entry concerns Abode Systems iota All-In-One Security Kit, affected in versions 6.9Z and 6.9X. The concrete issue is a format-string injection in the ghome_process_control_packet function, triggered by a crafted XML payload sent to the device, which can cause memory corruption,...
CVE-2022-33938
A format string injection vulnerability exists in the ghome_process_control_packet functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted XCMD can lead to memory corruption, information disclosure and denial of service. An attacker can send a malicious X...
Vulnerability Spotlight: Vulnerabilities in Abode Systems home security kit could allow attacker to take over cameras, remotely disable them
Matt Wiseman of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered several vulnerabilities in the Abode Systems iota All-In-One Security Kit. This kit includes a main security camera and hub that can alert users of unwanted movement in their homes. It also includes...
Moderate: Red Hat Security Advisory: Satellite 6.11 Release
An update is now available for Red Hat Satellite 6.11 Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Security Fixes: libsolv: Heap-based buff...
Rocky Linux 8 : libsolv (RLSA-2021:4060)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4060 advisory. - Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service...
AlmaLinux 8 : libsolv (ALSA-2021:4060)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4060 advisory. - Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service...
CVE-2021-33938 affecting package libsolv 0.7.7-4
CVE-2021-33938 affecting package libsolv 0.7.7-4. An upgraded version of the package is available that resolves this issue...
CentOS 8 : libsolv (CESA-2021:4060)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4060 advisory. - libsolv: heap-based buffer overflow in pool_installable in src/repo.h CVE-2021-33928 - libsolv: heap-based buffer overflow in pool_disabled_solvable in...
libsolv security update
An update is available for libsolv. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libsolv packages provide a library for resolving package dependencies usi...
RHEL 8 : libsolv (RHSA-2021:4060)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4060 advisory. The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Security Fixes: libsolv:...