CVE-2026-46618 Fission builder accepts arbitrary buildcmd strings from Environment.spec.builder.command, allowing the builder pod to invoke arbitrary executables

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, before the round-1 security sweep, pkg/builder/builder.go passed Environment.spec.builder.command directly into exec.Command...

CVE-2025-46618

In JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tab...

CVE-2025-46618

In JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tab...

CVE-2025-46618

JetBrains TeamCity before 2025.03.1 is affected by CVE-2025-46618, where a stored XSS vulnerability exists on the Data Directory tab. The available sources confirm the issue in versions prior to 2025.03.1 and note the impact as stored XSS. A remediation suggested by PT-2025-17925 is to upgrade to...

CVE-2023-46618

Cross-Site Request Forgery CSRF vulnerability in Bala Krishna, Sergey Yakovlev Category SEO Meta Tags plugin = 2.5 versions...

CVE-2023-46618 WordPress Category SEO Meta Tags Plugin <= 2.5 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Bala Krishna, Sergey Yakovlev Category SEO Meta Tags plugin = 2.5 versions...

CVE-2023-46618 WordPress Category SEO Meta Tags Plugin <= 2.5 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Bala Krishna, Sergey Yakovlev Category SEO Meta Tags plugin = 2.5 versions...

CVE-2023-46618

CVE-2023-46618 is a CSRF vulnerability affecting WordPress Category SEO Meta Tags plugin versions

WordPress Category SEO Meta Tags Plugin <= 2.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software Category SEO Meta Tags Type Plugin Vulnerable versions = 2.5 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-46618 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c59090fd2bb0 Credits LEE SE HYOUNG...

CVE-2021-46618

CVE-2021-46618 affects Bentley MicroStation CONNECT 10.16.0.80. The issue is a parsing flaw in PNG handling that leads to a read past the end of an allocated buffer due to insufficient validation of user-supplied data. Exploitation requires user interaction (target must visit a malicious page or ...

Tor &quot;policy_summarize()&quot;目录管理拒绝服务漏洞

BUGTRAQ ID: 46618 Tor 是第二代洋葱路由（onion routing）的一种实现，用户通过Tor可以在因特网上进行匿名交流。 Tor的"policysummarize"函数在实现上存在拒绝服务漏洞，攻击者可利用此漏洞造成拒绝服务。 此漏洞源于src/or/policies.c中的"policysummarize"函数边界错误。 Tor Tor 0.2.1.29 Tor Tor 0.2.1.28 Tor Tor 0.2.1.27 Tor Tor 0.2.1.22 Tor Tor 0.2.1.21 Tor Tor 0.2.1.20 厂商补丁： Tor ---...