73 matches found

vulnersOsv
added 2025/10/27 5:30 p.m., 4 views

br.com.arsmachina:tapestry-url-rewriter (>=1.0.1 <=2.0.0), br.net.woodstock.rockframework:rockframework-web (>=1.2.1 <=1.2.2) +294 more potentially affected by CVE-2025-61795 via org.apache.tomcat:catalina (>=6.0.13 <=6.0.53)

org.apache.tomcat:catalina MAVEN version =6.0.13, =1.0.1, =1.2.1, =0.1, =7.12.0, =1.0.0, =1.0.3, =9.0.3, =9.0.3, =0.7.1, =1.5, =1.8.2, =0.9.0, =1.0.0 and more Source cves: CVE-2025-61795 Source advisory: SNYK:JAVA-ORGAPACHETOMCAT-13723545...

5.3 CVSS, 6.8 AI score, 0.00129 EPSS
Exploits: 0

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2018-10854

Malware in sbrugna...

4.8 CVSS, 4.9 AI score, 0.00295 EPSS
Exploits: 0, References: 3

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2023-39845

Malicious code in bioql PyPI...

7.5 CVSS, 7.5 AI score, 0.0091 EPSS
Exploits: 0, References: 4

RedhatCVE
added 2025/09/24 6:30 p.m., 2 views

CVE-2025-57977

Cross-Site Request Forgery (CSRF) vulnerability in wpdesk Flexible PDF Invoices for WooCommerce & WordPress flexible-invoices allows Cross Site Request Forgery. This issue affects Flexible PDF Invoices for WooCommerce & WordPress: from n/a through <= 6.0.13...

7.1 CVSS, 5.9 AI score, 0.00034 EPSS
Exploits: 0, References: 1

Patchstack
added 2025/09/22 7:4 p.m., 2 views

WordPress Flexible PDF Invoices for WooCommerce & WordPress Plugin <= 6.0.13 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery (CSRF) Vulnerability discovered by theviper17 in WordPress Plugin Flexible PDF Invoices for WooCommerce & WordPress versions <= 6.0.13...

7.1 CVSS, 6.6 AI score, 0.00034 EPSS
Exploits: 0, Affected Software: 1

Cvelist
added 2025/09/22 6:24 p.m., 8 views

CVE-2025-57977 WordPress Flexible PDF Invoices for WooCommerce & WordPress Plugin <= 6.0.13 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in wpdesk Flexible PDF Invoices for WooCommerce & WordPress flexible-invoices allows Cross Site Request Forgery. This issue affects Flexible PDF Invoices for WooCommerce & WordPress: from n/a through <= 6.0.13...

7.1 CVSS, 0.00034 EPSS
Exploits: 0, References: 1

CVE
added 2025/09/22 6:24 p.m., 6 views

CVE-2025-57977

CVE-2025-57977 is a CSRF vulnerability in the WordPress plugin Flexible PDF Invoices for WooCommerce & WordPress (≤ 6.0.13). Affected component is the plugin’s CSRF handling in the invoice generation/related actions. CVSS metrics from Patchstack/NVD indicate: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H w...

7.1 CVSS, 5.1 AI score, 0.00034 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2025/05/22 3:27 p.m., 8 views

CVE-2020-28727

Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php...

6.1 CVSS, 6.2 AI score, 0.0045 EPSS
Exploits: 0

vulnersOsv
added 2025/05/07 4:48 p.m., 3 views

org.graylog.plugins:graylog-plugin-parent (>=6.0.0 <=6.0.13), org.graylog.plugins:graylog-plugin-web-parent (>=6.0.0 <=6.0.13) potentially affected by CVE-2025-46827 via org.graylog2:graylog2-server (>=6.0.0 <=6.0.13)

org.graylog2:graylog2-server MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.13 Source cves: CVE-2025-46827 Source advisory: SNYK:JAVA-ORGGRAYLOG2-10116752...

8 CVSS, 5.8 AI score, 0.0014 EPSS
Exploits: 0

Oracle linux
added 2024/04/09 12:0 a.m., 27 views

varnish security update

varnish 6.0.13-1 - new version 6.0.13 - Resolves: RHEL-30378 - varnish:6/varnish: HTTP/2 Broken Window Attack may result in denial of service CVE-2024-30156 varnish-modules...

7.5 CVSS, 7.3 AI score, 0.00071 EPSS
Exploits: 0

Rosalinux
added 2023/12/12 12:21 p.m., 32 views

Advisory ROSA-SA-2023-2305

software: suricata 6.0.13 WASP: ROSA-CHROME packageevrstring: suricata-6.0.13-1.src.rpm CVE-ID: CVE-2023-35852 BDU-ID: 2023-06800 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Suricata Intrusion Detection and Prevention System is related to an incorrect restriction of the path name of a...

9.8 CVSS, 7.9 AI score, 0.0091 EPSS
Exploits: 0

OpenVAS
added 2023/11/30 12:0 a.m., 22 views

VMware Spring Framework 6.0.0 - 6.0.13 DoS Vulnerability

The VMware Spring Framework is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5 CVSS, 7.8 AI score, 0.00846 EPSS
Exploits: 0, References: 2

vulnersOsv
added 2023/11/28 9:30 a.m., 1 view

be.dnsbelgium:rdap-server (>=4.0.0 <=4.0.3), be.personify.iam:personify-api (>=1.5.0.RELEASE <=1.5.2.RELEASE) +2256 more potentially affected by CVE-2023-34053 via org.springframework:spring-webmvc (>=6.0.0 <=6.0.13)

org.springframework:spring-webmvc MAVEN version =6.0.0, =4.0.0, =1.5.0.RELEASE, =1.5.1.RELEASE, =1.5.0.RELEASE, =2.1.0.RELEASE, =2.10.0, =2.10.0, =2.10.0, =2.10.0, =2.10.0, =3.4.0 and more Source cves: CVE-2023-34053 Source advisory: OSV:GHS...

7.5 CVSS, 7.1 AI score, 0.00846 EPSS
Exploits: 0

Positive Technologies
added 2023/11/14 12:0 a.m., 2 views

PT-2023-20550 · Tibco Software · Tibco Ebx +1

Name of the Vulnerable Software and Affected Versions: TIBCO EBX versions 5.9.22 and below TIBCO EBX versions 6.0.13 and below TIBCO Product and Service Catalog powered by TIBCO EBX versions 5.0.0 and below Description: The Web Application component of TIBCO Software Inc.'s TIBCO EBX and TIBCO...

8.7 CVSS, 5.3 AI score, 0.00411 EPSS
Exploits: 0, References: 2

ATTACKERKB
added 2023/06/29 8:15 p.m., 2 views

CVE-2022-44720

An issue was discovered in Weblib Ucopia before 6.0.13. OS Command Injection can occur, related to chroot...

9.8 CVSS, 7.4 AI score, 0.0064 EPSS
Exploits: 1, References: 3

ATTACKERKB
added 2023/06/29 8:15 p.m., 3 views

CVE-2022-44719

An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions...

7.5 CVSS, 7.2 AI score, 0.00073 EPSS
Exploits: 1, References: 3

CNNVD
added 2023/06/29 12:0 a.m., 3 views

Ucopia security vulnerability

Ucopia Express is a device used for Wifi management by the French company Ucopia. A security vulnerability exists in Ucopia versions prior to 6.0.13, which stems from an SSH server with insecure privileges...

7.5 CVSS, 7.3 AI score, 0.00073 EPSS
Exploits: 1, References: 3

NVD
added 2023/06/19 4:15 a.m., 20 views

CVE-2023-35852

In Suricata before 6.0.13 when there is an adversary who controls an external source of rules, a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. This is addressed in 6.0.13 by requiring...

7.5 CVSS, 7.5 AI score, 0.0091 EPSS
Exploits: 0, References: 5

OSV
added 2023/06/19 4:15 a.m., 21 views

CVE-2023-35852

In Suricata before 6.0.13 when there is an adversary who controls an external source of rules, a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. This is addressed in 6.0.13 by requiring...

7.5 CVSS, 6.8 AI score
Exploits: 0, References: 5

Prion
added 2023/06/19 4:15 a.m., 27 views

Directory traversal

In Suricata before 6.0.13 when there is an adversary who controls an external source of rules, a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. This is addressed in 6.0.13 by requiring...

5 CVSS, 7.4 AI score, 0.0091 EPSS
Exploits: 0, References: 4, Affected Software: 1