29 matches found
Astra Linux - vulnerability in libonig
A NULL pointer dereference in the matchat function in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause a denial of service by providing a crafted regular expression. Oniguruma vulnerabilities often affect Ruby, as well as common optional libraries used in PHP and Rust...
OPENSUSE-SU-2026:10464-1 python311-pypdf-6.9.2-1.1 on GA media
These are all security issues fixed in the python311-pypdf-6.9.2-1.1 package on the GA media of openSUSE Tumbleweed...
Infinite loop
Overview: pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files. Affected versions of this package are vulnerable to Infinite loop in the readfromstream function of DictionaryObject. An attacker can cause the application to enter an infinite loop ...
CVE-2026-32523 WordPress WPJAM Basic plugin <= 6.9.2 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in denishua WPJAM Basic wpjam-basic allows Using Malicious Files. This issue affects WPJAM Basic: from n/a through <= 6.9.2...
PT-2026-28037
Unrestricted Upload of File with Dangerous Type vulnerability in denishua WPJAM Basic wpjam-basic allows Using Malicious Files. This issue affects WPJAM Basic: from n/a through <= 6.9.2...
Fedora 42 : wordpress (2026-675dd9b166)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-675dd9b166 advisory. Upstream announcements: - WordPress 6.9.2 Release - WordPress 6.9.3 and 7.0 beta 4 - WordPress 6.9.4 Release Tenable has extracted the preceding description...
SourceForge QaTraq security vulnerability
SourceForge QaTraq is an open source test management tool from SourceForge. A security vulnerability exists in SourceForge QaTraq version 6.9.2 that stems from enabling administrative account credentials by default, which could result in gaining administrative privileges...
CVE-2025-6338
There is an incomplete cleanup vulnerability in Qt Network's Schannel support on Windows which can lead to a Denial of Service over a long period. This issue affects Qt from 5.15.0 through 6.8.3, from 6.9.0 before 6.9.2...
EUVD-2025-34743
There is an incomplete cleanup vulnerability in Qt Network's Schannel support on Windows which can lead to a Denial of Service over a long period. This issue affects Qt from 5.15.0 through 6.8.3, from 6.9.0 before 6.9.2...
EUVD-2025-22915
Malicious code in bioql PyPI...
CVE-2023-51503
Authorization Bypass Through User-Controlled Key vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo. This issue affects WooPayments – Fully Integrated Solution Built and Supported by Woo: from n/a through 6.9.2...
Enpass Password Manager security vulnerability
Enpass Password Manager is a cross-platform offline password manager from Enpass. A security vulnerability exists in Enpass Password Manager version 6.9.2, which stems from an HTML injection vulnerability that allows an attacker to run arbitrary HTML code by creating carefully crafted comments...
CVE-2023-51503
Authorization Bypass Through User-Controlled Key vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo. This issue affects WooPayments – Fully Integrated Solution Built and Supported by Woo: from n/a through 6.9.2...
PT-2023-31841 · Woo · Woopayments
Name of the Vulnerable Software and Affected Versions: WooPayments – Fully Integrated Solution Built and Supported by Woo versions n/a through 6.9.2. Description: The issue is related to an Authorization Bypass Through User-Controlled Key vulnerability. This vulnerability affects the WooPayments...
Oracle Linux 7 : edk2 (ELSA-2020-5861)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5861 advisory. - Create new 1.3 release for OL7 which includes the following fixed CVEs: CVE-2018-12182 CVE-2019-13224 CVE-2019-13225 CVE-2019-14553 Fri May 17 2019...
JVN#56890693: Joomla! plugin "AcyMailing" vulnerable to arbitrary file uploads
Joomla! plugin "AcyMailing" allows an unauthenticated user to upload arbitrary files (CWE-434). Impact: Arbitrary PHP code may be executed. Solution: Update the plugin. Update the plugin according to the information provided by the developer. Products Affected: AcyMailing versions prior to 6.9.2...
acymailing, 6.9.2,Other
acymailing, 6.9.2, Other. Update to version 6.9.2. Developer did not inform the VEL team...
Acyba AcyMailing Code Issue Vulnerability
Acyba AcyMailing is a suite of newsletter and marketing automation software from the Acyba team in France. A code issue vulnerability exists in Acyba AcyMailing versions prior to 6.9.2, which arises from improper handling of file uploads and can be exploited by a remote attacker to execute...
CVE-2020-10934
Acyba AcyMailing before 6.9.2 mishandles file uploads by admins...
CVE-2020-10934
CVE-2020-10934 affects the Joomla! plugin "AcyMailing" prior to version 6.9.2. The root cause is mishandling of file uploads by admins, allowing an attacker to upload arbitrary files (CWE-434) and potentially execute arbitrary PHP code. Affected software: AcyMailing; vulnerable component: file up...