
44 matches found

vulnersOsv
added 2026/03/18 8:07 p.m. (4 views)

ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=8.6.0 <=8.8.1), ca.uhn.hapi.fhir:hapi-fhir-converter (>=8.6.0 <=8.8.1) +96 more potentially affected by CVE-2026-33180 via ca.uhn.hapi.fhir:org.hl7.fhir.dstu3.support (>=6.6.0 <=6.8.2)

ca.uhn.hapi.fhir:org.hl7.fhir.dstu3.support MAVEN version =6.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.8.1 and more Source cves: CVE-2026-33180 Source advisory: OSV:GHSA-P7M9-V2CM-2H7M...

CVSS 7.5 | AI score 5.8 | EPSS 0.00046 | Exploits 0

vulnersOsv
added 2026/03/18 8:07 p.m. (4 views)

ca.uhn.hapi.fhir:hapi-fhir-base-test-jaxrsserver-kotlin (>=5.6.5 <=6.8.0), ca.uhn.hapi.fhir:hapi-fhir-base-test-mindeps-client (>=5.6.5 <=7.4.5) +277 more potentially affected by CVE-2026-33180 via ca.uhn.hapi.fhir:org.hl7.fhir.dstu3 (>=0.0.1 <=6.8.2)

ca.uhn.hapi.fhir:org.hl7.fhir.dstu3 MAVEN version =0.0.1, =5.6.5, =5.6.5, =5.6.5, =4.0.0, =5.6.5, =4.1.0, =4.0.3, =4.1.0, =4.0.0, =4.0.0, =5.0.0, =4.0.0, =5.3.0, =6.2.0, =5.1.0, =5.2.1 and more Source cves: CVE-2026-33180 Source advisory: OSV:GHSA-P7M9-V2CM-2H7M...

CVSS 7.5 | AI score 5.8 | EPSS 0.00046 | Exploits 0

NVD
added 2026/02/19 7:22 p.m. (3 views)

CVE-2026-26059

ChurchCRM is an open-source church management system. In versions prior to 6.8.2, it was possible for an authenticated user with permission to edit groups to store a JavaScript payload that would execute when the group was viewed in the Group View. Version 6.8.2 fixes this issue...

CVSS 5.4 | EPSS 0.00041 | Exploits 1 | References 1

Positive Technologies
added 2026/02/19 12:00 a.m. (2 views)

PT-2026-20912

Name of the Vulnerable Software and Affected Versions ChurchCRM versions prior to 6.8.2 Description ChurchCRM is an open-source church management system. An authenticated user with permission to edit groups could store a JavaScript payload that would execute when the group was viewed in the Group...

CVSS 5.4 | AI score 5.3 | EPSS 0.00041 | Exploits 1 | References 5

RedhatCVE
added 2025/11/10 12:10 a.m. (4 views)

CVE-2025-23050

QLowEnergyController in Qt before 6.8.2 mishandles malformed Bluetooth ATT commands, leading to an out-of-bounds read or division by zero. This is fixed in 5.15.19, 6.5.9, and 6.8.2. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Re...

CVSS 3.1 | AI score 6.1 | EPSS 0.00023 | Exploits 0 | References 6

OSV
added 2025/09/25 8:55 a.m. (4 views)

BIT-WORDPRESS-2025-58246 WordPress <= 6.8.2 - (Contributor+) Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in WordPress allows Retrieve Embedded Sensitive Data. The WordPress Core security team is aware of the issue and is already working on a fix. This is a low-severity vulnerability. Contributor-level privileges required in order to...

CVSS 4.3 | AI score 5.3 | EPSS 0.00041 | Exploits 0 | References 4

OpenVAS
added 2025/09/24 12:00 a.m. (7 views)

WordPress <= 6.8.2 Multiple Vulnerabilities (Sep 2025) - Linux

WordPress is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescripti...

CVSS 5.9 | AI score 7.6 | EPSS 0.00041 | Exploits 0 | References 4

Vulnrichment
added 2025/09/23 6:47 p.m. (1 view)

CVE-2025-58674 WordPress <= 6.8.2 - (Author+) Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WordPress allows Stored XSS. The WordPress core security team is aware of the issue and working on a fix. This is a low-severity vulnerability that requires an attacker to have Author or higher user...

CVSS 5.9 | AI score 5.7 | EPSS 0.0003 | Exploits 0 | References 2

Cvelist
added 2025/09/23 6:47 p.m. (8 views)

CVE-2025-58674 WordPress <= 6.8.2 - (Author+) Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WordPress allows Stored XSS. The WordPress core security team is aware of the issue and working on a fix. This is a low-severity vulnerability that requires an attacker to have Author or higher user...

CVSS 5.9 | EPSS 0.0003 | Exploits 0 | References 2

Cvelist
added 2025/09/23 5:17 p.m. (9 views)

CVE-2025-58246 WordPress <= 6.8.2 - (Contributor+) Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in WordPress allows Retrieve Embedded Sensitive Data. The WordPress Core security team is aware of the issue and is already working on a fix. This is a low-severity vulnerability. Contributor-level privileges required in order to...

CVSS 4.3 | EPSS 0.00041 | Exploits 0 | References 2

Vulnrichment
added 2025/09/23 5:17 p.m. (1 view)

CVE-2025-58246 WordPress <= 6.8.2 - (Contributor+) Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in WordPress allows Retrieve Embedded Sensitive Data. The WordPress Core security team is aware of the issue and is already working on a fix. This is a low-severity vulnerability. Contributor-level privileges required in order to...

CVSS 4.3 | AI score 6.1 | EPSS 0.00041 | Exploits 0 | References 2

CVE
added 2025/09/23 5:17 p.m. (38 views)

CVE-2025-58246

Summary of CVE-2025-58246 : WordPress core contains an information-disclosure vulnerability described as “Insertion of Sensitive Information Into Sent Data.” It affects WordPress releases across many major versions (as listed in advisories) and can lead to retrieval of embedded sensitive data by ...

CVSS 4.3 | AI score 5.2 | EPSS 0.00041 | Exploits 0 | References 2

Positive Technologies
added 2025/09/22 12:00 a.m. (5 views)

PT-2025-39206

Name of the Vulnerable Software and Affected Versions WordPress versions through 6.8.2 Description A flaw exists in Automattic WordPress that allows for Stored Cross-site Scripting XSS. An attacker with Author or higher user privileges can exploit this issue. The vulnerability stems from improper...

CVSS 7.2 | AI score 6.6 | EPSS 0.90583 | Exploits 4 | References 28

OSV
added 2025/07/21 5:15 a.m. (1 view)

UBUNTU-CVE-2025-54352

WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not changing this behavior...

CVSS 3.7 | AI score 5.8 | EPSS 0.00235 | Exploits 1 | References 3

RedhatCVE
added 2025/05/22 11:29 p.m. (2 views)

CVE-2022-1241

The Ask me WordPress theme before 6.8.2 does not properly sanitise and escape several of the fields in the Edit Profile page, leading to Reflected Cross-Site Scripting issues...

CVSS 6.1 | AI score 6.2 | EPSS 0.0021 | Exploits 1 | References 1

RedhatCVE
added 2025/05/22 4:43 p.m. (9 views)

CVE-2020-5832

Symantec Data Center Security Manager Component, prior to 6.8.2 aka 6.8 MP2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected...

CVSS 7.8 | AI score 7.3 | EPSS 0.00208 | Exploits 0 | References 1

Fedora
added 2025/03/13 1:49 a.m. (9 views)

[SECURITY] Fedora 40 Update: qt6-qtwebengine-6.8.2-4.fc40

Qt6 - QtWebEngine components...

CVSS 7.5 | AI score 8.2 | EPSS 0.04197 | Exploits 1

Vulnrichment
added 2023/03/14 12:00 a.m. (4 views)

CVE-2023-28339

OpenDoas through 6.8.2, when TIOCSTI is available, allows privilege escalation because of sharing a terminal with the original session. NOTE: TIOCSTI is unavailable in OpenBSD 6.0 and later, and can be made unavailable in the Linux kernel 6.2 and later...

AI score 8.6 | EPSS 0.00272 | Exploits 0 | References 1

SUSE CVE
added 2023/02/15 4:15 a.m. (2 views)

SUSE CVE-2019-7614

A race condition flaw was found in the response headers Elasticsearch versions before 7.2.1 and 6.8.2 returns to a request. On a system with multiple users submitting requests, it could be possible for an attacker to gain access to response header containing sensitive data from another user...

CVSS 5.9 | AI score 5.8 | EPSS 0.00385 | Exploits 0 | References 3

CVE
added 2022/06/06 8:50 a.m. (78 views)

CVE-2022-1241

CVE-2022-1241 affects the WordPress Ask Me premium theme prior to version 6.8.2, where the Edit Profile page fails to properly sanitize and escape several fields, enabling Reflected Cross-Site Scripting (XSS). The vulnerability is documented across multiple sources (CVE records, CVE lists, and pa...

CVSS 6.1 | AI score 6.1 | EPSS 0.0021 | Exploits 1 | References 1 | Affected Software 1