39 matches found
ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +715 more potentially affected by CVE-2026-42582 via io.netty:netty-codec-http3 (>=4.2.10.Final <=4.2.12.Final)
io.netty:netty-codec-http3 MAVEN version =4.2.10.Final, =0.1.0, =0.1.0, =0.0.1-alfa, =0.0.1-demo, =6.0.1, =4.0.3-M1, =1.21.9, =1.0.5, =3.6.4, =1.0.1, =26.2.1, =26.4.2 and more Source cves: CVE-2026-42582 Source advisory: SNYK:JAVA-IONETTY-16438978...
ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +2758 more potentially affected by CVE-2026-42581 via io.netty:netty-codec-http (>=4.2.0.Alpha1 <=4.2.12.Final)
io.netty:netty-codec-http MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.1 and more Source cves: CVE-2026-42581 Source advisory: SNYK:JAVA-IONETTY-16438934...
ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +2758 more potentially affected by CVE-2026-42580 via io.netty:netty-codec-http (>=4.2.0.Alpha1 <=4.2.12.Final)
io.netty:netty-codec-http MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.1 and more Source cves: CVE-2026-42580 Source advisory: SNYK:JAVA-IONETTY-16438926...
Astra Linux - vulnerability in wireshark
The column handling in Wireshark versions 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows for denial of service through packet injection or malicious capture files...
strongSwan -- Heap-based buffer overflow in eap-mschapv2 plugin due to improper handling of failure request packets
Xu Biang reports: The eap-mschapv2 plugin doesn't correctly check the length of an EAP-MSCHAPv2 Failure Request packet on the client, which can cause an integer underflow that leads to a crash and, depending on the compiler options, even a heap-based buffer overflow that's potentially exploitable...
DEBIAN-CVE-2025-5601
Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file...
CVE-2023-47380
Admidio v4.2.12 and below is vulnerable to Cross Site Scripting (XSS)...
SPIP 4.2.12 Code Execution
Title: SPIP 4.2.12 PHP Code execution Vulnerability; Author: indoushka; Tested on: windows 10 FrPro / browser: Mozilla firefox 129.0.1 64 bits ...
Exploit for CVE-2024-7954
🚀 SPIP Unauthenticated RCE Exploit...
Cisco Finesse Cross-Site Scripting Vulnerability
Cisco Finesse is a suite of call center management software from Cisco. A security vulnerability exists in Upstream Works for Cisco Finesse version 4.2.12 and earlier, and version 5.x prior to 5.3, which stems from the presence of a stored cross-site scripting (XSS) vulnerability...
SUSE CVE-2015-6506
Cross-site scripting (XSS) vulnerability in the cryptography interface in Request Tracker (RT) before 4.2.12 allows remote attackers to inject arbitrary web script or HTML via a crafted public key...
CVE-2023-22727
CakePHP is a development framework for PHP web apps. In affected versions the Cake\Database\Query::limit and Cake\Database\Query::offset methods are vulnerable to SQL injection if passed un-sanitized user request data. This issue has been fixed in 4.2.12, 4.3.11, 4.4.10. Users are advised to...
CVE-2023-22727 Database Query::offset() and limit() vulnerable to SQL injection in cakephp
CakePHP is a development framework for PHP web apps. In affected versions the Cake\Database\Query::limit and Cake\Database\Query::offset methods are vulnerable to SQL injection if passed un-sanitized user request data. This issue has been fixed in 4.2.12, 4.3.11, 4.4.10. Users are advised to...
Wordpress XCloner 4.2.12 Plugin - Remote Code Execution (Authenticated) Exploit
Exploit Title: Wordpress Plugin XCloner 4.2.12 - Remote Code Execution (Authenticated); Exploit Author: Ron Jost Hacker5preme; Vendor Homepage: https://www.xcloner.com/; Software Link: https://downloads.wordpress.org/plugin/xcloner-backup-and-restore.4.2.12.zip; Version: 4.2.1 - 4.2.12; Tested on: Ubunt...
[SECURITY] [DLA 2060-1] phpmyadmin security update
Package: phpmyadmin; Version: 4:4.2.12-2+deb8u8; CVE ID: CVE-2020-5504; Debian Bug: 948718. In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. ...
Sensio Labs Symfony Code Execution Vulnerability
Sensio Labs Symfony is a free PHP development framework from the French company Sensio Labs, based on the MVC architecture. The framework provides commonly used functional components and tools and can be used to quickly build complex web applications. A code execution vulnerability exists in Sensio Labs Symfo...
Pivotal Software Spring Security Authentication Vulnerability
Pivotal Software Spring Security is a suite of security frameworks from Pivotal Software, Inc. that provide illustrative security protection for Spring-based applications. A security vulnerability exists in Pivotal Software Spring Security versions 4.2.x through 4.2.12 and older versions that are...
phpMyAdmin Multiple Vulnerabilities (PMASA-2014-15, PMASA-2014-16) - Windows
phpMyAdmin is prone to multiple cross-site scripting (XSS) and directory traversal vulnerabilities.