JLSEC-2026-482

Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "TIFFVGetField" funtion in the component 'libtiff/tifdir.c'...

Astra Linux - уязвимость в node-marked

Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression block.def might cause catastrophic backtracking against certain strings, leading to a regular expression denial of service ReDoS attack. Any user who runs untrusted markdown using a vulnerable version of...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-django (UTSA-2026-000165)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000165 advisory. An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs e.g., an excessi...

CVE-2025-68500

The CVE-2025-68500 entry describes a Server-Side Request Forgery (SSRF) in the WordPress plugin Prime Slider – Addons For Elementor (bdthemes-prime-slider-lite). Affected component: bdthemes Prime Slider – Addons For Elementor, via the lite variant; vulnerable version range: up to and including 4...

WordPress plugin Prime Slider – Addons For Elementor 安全漏洞

WordPress Prime Slider - Addons For Elementor plugin is a free plugin for Elementor page builder designed to help users easily create various interactive responsive sliders. The WordPress Prime Slider - Addons For Elementor plugin suffers from a server-side request forgery vulnerability, which...

PT-2025-53078

Name of the Vulnerable Software and Affected Versions bdthemes Prime Slider – Addons For Elementor versions through 4.0.10 Description A Server-Side Request Forgery SSRF issue exists in bdthemes Prime Slider – Addons For Elementor. This allows for Server Side Request Forgery. The issue is present...

JLSEC-2025-252 An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/ti...

An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tifdirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file...

EUVD-2019-15695

Malware in sbrugna...

EUVD-2022-0473

Malicious code in bioql PyPI...

EUVD-2025-1696

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2019-17546

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tifgetimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer...

Linux Distros Unpatched Vulnerability : CVE-2019-7663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tifdirwrite.c in LibTIFF 4.0.10, affecting the...

Linux Distros Unpatched Vulnerability : CVE-2018-20804

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A user authorized to perform database queries may trigger denial of service by issuing specially crafted applyOps invocations. This issue affects MongoDB Server...

CVE-2023-47837

Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10...

Linux Distros Unpatched Vulnerability : CVE-2022-21680

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression block.def may cause catastrophic backtracking against some strings and...

PT-2025-7850 · Booknetic · Booknetic

Name of the Vulnerable Software and Affected Versions: Booknetic versions prior to 4.0.10 Description: A Cross-Site Request Forgery CSRF issue has been identified. This issue allows an attacker to trick a user into performing unintended actions on a web application. Recommendations: For versions...

SUSE CVE-2023-30601

Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be...

CVE-2024-33946

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPify s.R.O. WPify Woo Czech allows Reflected XSS.This issue affects WPify Woo Czech: from n/a through 4.0.10...

CVE-2025-0471 Unrestricted Upload of File with Dangerous Type vulnerability in PMB platform

Unrestricted file upload vulnerability in the PMB platform, affecting versions 4.0.10 and above. This vulnerability could allow an attacker to upload a file to gain remote access to the machine, being able to access, modify and execute commands freely...

CVE-2025-0471 Unrestricted Upload of File with Dangerous Type vulnerability in PMB platform

Unrestricted file upload vulnerability in the PMB platform, affecting versions 4.0.10 and above. This vulnerability could allow an attacker to upload a file to gain remote access to the machine, being able to access, modify and execute commands freely...