4 matches found
PT-2026-50895
Name of the Vulnerable Software and Affected Versions Apache APISIX versions 3.8.0 through 3.16.0 Description Improper Validation of Integrity Check Value in the jwe-decrypt plugin under default configuration allows for authentication bypass. Recommendations Upgrade to version 3.17.0...
CVE-2026-6982 star7th ShowDoc API Page Sort Endpoint PageController.class.PHP sql injection
A vulnerability was determined in star7th ShowDoc up to 2.10.10/3.6.2/3.8.0. Affected by this vulnerability is an unknown functionality of the file server/Application/Api/Controller/PageController.class.PHP of the component API Page Sort Endpoint. Executing a manipulation of the argument pages ca...
ai.catboost:catboost-spark_4.0_2.13 (=1.2.10), ai.catboost:catboost-spark_4.1_2.13 (=1.2.10) +1220 more potentially affected by CVE-2026-24281 via org.apache.zookeeper:zookeeper (>=3.8.0 <=3.8.5)
org.apache.zookeeper:zookeeper MAVEN version =3.8.0, =3.10.0.5, =0.1.0, =0.2.6, =0.0.33, =0.0.82, =0.0.33, =0.0.33, =0.0.33, =0.6.2, =0.6.0, =0.7.1 and more Source cves: CVE-2026-24281 Source advisory: SNYK:JAVA-ORGAPACHEZOOKEEPER-15456215...
CVE-2025-54031
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Schiocco Support Board supportboard allows PHP Local File Inclusion.This issue affects Support Board: from n/a through = 3.8.0...