CVE-2026-8162

[email protected] and lower versions are vulnerable to denial of service via uncaught exception. By sending a multipart/form-data request with a Content-Disposition header whose filename parameter contains a malformed percent-encoding, the parser invokes decodeURI on the value without try/catch. T...

CVE-2026-8161

[email protected] and lower versions are vulnerable to denial of service via uncaught exception. By sending a multipart/form-data request with a field name that collides with an inherited Object.prototype property such as proto, constructor, or toString, the parser invokes .push on the inherited...

CVE-2026-8161

[email protected] and lower versions are vulnerable to denial of service via uncaught exception. By sending a multipart/form-data request with a field name that collides with an inherited Object.prototype property such as proto, constructor, or toString, the parser invokes .push on the inherited...

Astra Linux - уязвимость в pgagent

When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator was used when generating the directory name, which allows a local attacker to pre-create the directory a...

WordPress Optimole plugin <= 4.2.3 - Reflected Cross-Site Scripting via Page Profiler URL vulnerability

Reflected Cross-Site Scripting via Page Profiler URL vulnerability discovered by WordFence in WordPress Plugin Optimole versions = 4.2.3...

admin-auth0 (>=0.1.1 <=0.1.5), aldryn-django (>=4.2.10.0 <=4.2.18.0) +126 more potentially affected by CVE-2026-4277 via django (>=4.2.0 <=4.2.3)

django PYPI version =4.2.0, =0.1.1, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =0.0.9, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =4.17.1 and more Source cves: CVE-2026-4277 Source advisory: SNYK:PYTHON-DJANGO-15923568...

admin-auth0 (>=0.1.1 <=0.1.5), aldryn-django (>=4.2.10.0 <=4.2.18.0) +126 more potentially affected by CVE-2026-4292 via django (>=4.2.0 <=4.2.3)

django PYPI version =4.2.0, =0.1.1, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =0.0.9, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =4.17.1 and more Source cves: CVE-2026-4292 Source advisory: SNYK:PYTHON-DJANGO-15923535...

admin-auth0 (>=0.1.1 <=0.1.5), aldryn-django (>=4.2.10.0 <=4.2.18.0) +126 more potentially affected by CVE-2026-3902 via django (>=4.2.0 <=4.2.3)

django PYPI version =4.2.0, =0.1.1, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =0.0.9, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =4.17.1 and more Source cves: CVE-2026-3902 Source advisory: OSV:GHSA-MVFQ-GGXM-9MC5...

admin-auth0 (>=0.1.1 <=0.1.5), aldryn-django (>=4.2.10.0 <=4.2.18.0) +126 more potentially affected by CVE-2026-33033 via django (>=4.2.0 <=4.2.3)

django PYPI version =4.2.0, =0.1.1, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =0.0.9, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =4.17.1 and more Source cves: CVE-2026-33033 Source advisory: OSV:GHSA-5MF9-H53Q-7MHQ...

02strich-markdown (>=1.0.0 <=1.0.2), @0xintuition/slang-cli (>=0.0.1 <=0.0.8) +1947 more potentially affected by CVE-2026-26996 via minimatch (>=4.1.1 <=4.2.3)

minimatch NPM version =4.1.1, =1.0.0, =0.0.1, =0.5.2, =5.0.2, =2.2.0, =1.1.4, =1.3.1, =1.0.0, =0.0.2-alpha-20220914223128-d706aab, =0.0.2-alpha-20220915073207-1bb0680, =0.0.2-alpha-20220914223128-d706aab, =1.1.8, =1.0.0, =1.5.0 and more Source cves: CVE-2026-26996 Source advisory:...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002363)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002363 advisory. The rdsconncreate function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service NULL pointer dereference and...

CVE-2023-25447

Cross-Site Request Forgery CSRF vulnerability in Inkthemescom ColorWay theme = 4.2.3 versions...

Security Bulletin: IBM Engineering Lifecycle Optimization - Publishing - Apache Commons HttpClient before 4.2.3 allows man-in-the-middle attack

Summary Apache Commons HttpClient before 4.2.3 allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. Following IBM® Engineering Lifecycle Management product is vulnerable to this attack, it has been addressed in this bulletin: IBM Engineering Lifecycle...

EUVD-2014-0065

Malware in sbrugna...

EUVD-2018-18167

Malware in sbrugna...

EUVD-2020-17107

Malware in sbrugna...

EUVD-2019-9569

Malware in sbrugna...

EUVD-2002-1933

Malware in sbrugna...

EUVD-2020-17109

Malware in sbrugna...

EUVD-2014-0055

Malware in sbrugna...