Unity Linux 20.1070e Security Update: xz (UTSA-2026-014304)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014304 advisory. XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an Index that...

CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2026-34743)

The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-34743 advisory. - XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to...

CVE-2026-34743

XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an Index that contained no Records, the resulting lzmaindex was left in a state where where a subsequent lzmaindexappend would allocate too little...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004191)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004191 advisory. A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impac...

EUVD-2021-1153

Malware in sbrugna...

EUVD-2024-32185

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-21662

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Low-privileged authenticated users like author ...

Linux Distros Unpatched Vulnerability : CVE-2022-21664

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to lack of proper sanitization in one of th...

Craft CMS 代码注入漏洞

Craft CMS is an open source content management system CMS from Craft CMS. A code injection vulnerability exists in Craft CMS versions 4.13.8 through 4.16.2 and 5.5.8 through 5.8.3, which stems from a security key compromise that could allow remote code execution...

PT-2025-32419 · Craft · Craft

Name of the Vulnerable Software and Affected Versions: Craft versions 4.13.8 through 4.16.2 Craft versions 5.5.8 through 5.8.3 Description: Craft is a platform for creating digital experiences. A vulnerability exists that allows bypassing security measures, potentially leading to remote code...

Linux Distros Unpatched Vulnerability : CVE-2020-25212

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other...

CVE-2024-3606

The ProfileGrid – User Profiles, Memberships, Groups and Communities plugin for WordPress is vulnerable to unauthorized deletion of data due to a missing capability check on the pmuploadcoverimage function in all versions up to, and including, 5.8.3. This makes it possible for authenticated...

RHSA-2025:3454 Red Hat Security Advisory: Red Hat JBoss Web Server 5.8.3 release and security update

Bulletin has no description...

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 5.8.3 release and security update

An update is now available for Red Hat JBoss Web Server 5.8 on Red Hat Enterprise Linux versions 7, 8, and 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

PT-2024-26871 · WordPress · Profilegrid

Name of the Vulnerable Software and Affected Versions: The ProfileGrid – User Profiles, Memberships, Groups and Communities plugin for WordPress versions up to, and including, 5.8.3 Description: The issue is related to a missing capability check on the pm upload cover image function, allowing...

WordPress ProfileGrid plugin <= 5.8.3 - Missing Authorization vulnerability

Missing Authorization vulnerability discovered by Lucio Sá in WordPress Plugin ProfileGrid versions = 5.8.3...

PT-2024-19502 · WordPress · Event Tickets/Registration

Name of the Vulnerable Software and Affected Versions: Event Tickets and Registration plugin for WordPress versions prior to 5.8.3 Description: The issue allows authenticated attackers with contributor access or higher to extract sensitive data, including emails and street addresses, via the RSVP...

WordPress Premium Packages Plugin <= 5.8.2 is vulnerable to Cross Site Scripting (XSS)

Software Premium Packages Type Plugin Vulnerable versions = 5.8.2 Fixed in 5.8.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29924 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fd83d5609f73 Credits Yudistira Arya Required privile...

BIT-WORDPRESS-2022-21663 Authenticated Object Injection in Multisites in WordPress

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. On a multisite, users with Super Admin role can bypass explicit/additional hardening under certain conditions through object injection. This has been patched in WordPress version 5.8.3...

BIT-WORDPRESS-MULTISITE-2022-21661 SQL injection in WordPress

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WPQuery, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress...