21 matches found
CVE-2026-44185
Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
UBUNTU-CVE-2026-44185
Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
CVE-2026-34356 Apache HTTP Server: ProxyPassReverseCookieMap buffer overflow
Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
CLEANSTART-2026-UI21589 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-68121, CVE-2026-25679, CVE-2026-27137, CVE-2026-27138, CVE-2026-27139, CVE-2026-27142 applied in versions: 2.4.0-r0, 2.4.0-r1
Multiple security vulnerabilities affect the newrelic-fluent-bit-output package. These issues are resolved in later releases. See references for individual vulnerability details...
listmonk 安全漏洞
listmonk is a high performance, self-hosted, newsletter and mailing list manager with a modern dashboard by Kailash Nadh Personal Developer. A security vulnerability exists in listmonk versions v2.4.0 through v4.1.0, which stems from an SQL injection in the QuerySubscribers function that could le...
PT-2024-26282 · Unknown · Fme Modules For Prestashop
Name of the Vulnerable Software and Affected Versions: FME Modules for PrestaShop helpdesk module versions up to 2.4.0 Description: The issue allows attackers to obtain sensitive information and cause other impacts. It is related to the Tickets::getsearchedtickets function. Recommendations: For...
PT-2024-31173
Name of the Vulnerable Software and Affected Versions YITH WooCommerce Ajax Search plugin for WordPress versions up to and including 2.4.0 Description The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping, allowing unauthenticated attackers...
PT-2024-19590 · WordPress · Sky Addons For Elementor
Name of the Vulnerable Software and Affected Versions: The Sky Addons for Elementor plugin for WordPress versions up to, and including, 2.4.0 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping on user-supplied attributes,...
PT-2023-8382 · Apache · Apache Airflow
Name of the Vulnerable Software and Affected Versions: Apache Airflow versions 2.4.0 through 2.7.0 Description: The issue is related to the exposure of sensitive information in Apache Airflow, which could allow a remote attacker to obtain confidential information. Recommendations: For Apache...
ai.catboost:catboost-spark_2.12 (>=0.25-rc1 <=0.25-rc3), ai.catboost:catboost-spark_2.4_2.12 (>=0.25 <=1.2.7) +1152 more potentially affected by CVE-2022-31777 via org.apache.spark:spark-core_2.12 (>=2.4.0 <=3.2.1)
org.apache.spark:spark-core2.12 MAVEN version =2.4.0, =0.25-rc1, =0.25, =0.25, =1.0.1, =1.0.6, =0.0.25, =0.0.25, =0.0.62, =0.0.25, =0.0.86, =0.0.8, =0.0.6, =0.0.1, =3.34.0.3-1-3.0, =3.46.0.6-1-3.1 - ai.hunters:spark-adaptive-file-connector2.12 =1.0.0 and more Source cves: CVE-2022-31777 Source...
abmarl (>=0.1.1 <=0.1.3), agrothon (>=1.1.5 <=1.3.2) +95 more potentially affected by CVE-2021-37644 via tensorflow (>=2.4.0 <=2.4.2)
tensorflow PYPI version =2.4.0, =0.1.1, =1.1.5, =2.1.0, =0.7.0, =0.0.1, =0.0.6, =0.1.0, =1.4.0, =1.2.2, =20210221.0.0, =0.7.2, =0.7.4 and more Source cves: CVE-2021-37644 Source advisory: OSV:GHSA-27J5-4P9V-PP67...
abmarl (>=0.1.1 <=0.1.3), agrothon (>=1.1.5 <=1.3.2) +95 more potentially affected by CVE-2021-37658 via tensorflow (>=2.4.0 <=2.4.2)
tensorflow PYPI version =2.4.0, =0.1.1, =1.1.5, =2.1.0, =0.7.0, =0.0.1, =0.0.6, =0.1.0, =1.4.0, =1.2.2, =20210221.0.0, =0.7.2, =0.7.4 and more Source cves: CVE-2021-37658 Source advisory: OSV:GHSA-6P5R-G9MQ-GGH2...
abmarl (>=0.1.1 <=0.1.3), agrothon (>=1.1.5 <=1.3.2) +95 more potentially affected by CVE-2021-37678 via tensorflow (>=2.4.0 <=2.4.2)
tensorflow PYPI version =2.4.0, =0.1.1, =1.1.5, =2.1.0, =0.7.0, =0.0.1, =0.0.6, =0.1.0, =1.4.0, =1.2.2, =20210221.0.0, =0.7.2, =0.7.4 and more Source cves: CVE-2021-37678 Source advisory: OSV:GHSA-R6JX-9G48-2R5R...
abmarl (>=0.1.1 <=0.1.3), agrothon (>=1.1.5 <=1.3.2) +95 more potentially affected by CVE-2021-37656 via tensorflow (>=2.4.0 <=2.4.2)
tensorflow PYPI version =2.4.0, =0.1.1, =1.1.5, =2.1.0, =0.7.0, =0.0.1, =0.0.6, =0.1.0, =1.4.0, =1.2.2, =20210221.0.0, =0.7.2, =0.7.4 and more Source cves: CVE-2021-37656 Source advisory: OSV:PYSEC-2021-278...
PT-2021-9681 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.0 through 2.4.46 Description: The issue allows unprivileged local users to stop the httpd service on Windows. This was discovered by Ivan Zhakov. Recommendations: For Apache HTTP Server versions 2.4.0 through...
abmarl (>=0.1.1 <=0.1.3), agrothon (>=1.1.5 <=1.3.2) +92 more potentially affected by CVE-2021-29569 via tensorflow (>=2.4.0 <=2.4.1)
tensorflow PYPI version =2.4.0, =0.1.1, =1.1.5, =2.1.0, =0.0.1, =0.0.6, =0.1.0, =1.4.0, =1.2.2, =20210221.0.0, =0.7.2, =0.0.0, =0.0.0.post0 and more Source cves: CVE-2021-29569 Source advisory: OSV:GHSA-3H8M-483J-7XXM...
complaintclassify (=0.0.9) potentially affected by CVE-2021-29532 via tensorflow-cpu (=2.4.0)
tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-29532 Source advisory: OSV:GHSA-J47F-4232-HVV8...
abmarl (>=0.1.1 <=0.1.3), agrothon (>=1.1.5 <=1.3.2) +95 more potentially affected by CVE-2021-29563 via tensorflow (>=2.4.0 <=2.4.2)
tensorflow PYPI version =2.4.0, =0.1.1, =1.1.5, =2.1.0, =0.7.0, =0.0.1, =0.0.6, =0.1.0, =1.4.0, =1.2.2, =20210221.0.0, =0.7.2, =0.7.4 and more Source cves: CVE-2021-29563 Source advisory: OSV:PYSEC-2021-200...
brainhance (=0.0.1), crystal4d (>=0.0.4 <=0.1.2) +3 more potentially affected by CVE-2021-29581 via tensorflow-gpu (>=2.4.0 <=2.4.1)
tensorflow-gpu PYPI version =2.4.0, =0.0.4, =1.1.1, =1.0.0, =1.0.1 - tf-yarn-gpu =0.6.3 Source cves: CVE-2021-29581 Source advisory: OSV:PYSEC-2021-707...
PT-2021-2186 · Adobe · Magento
Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.1 and earlier Magento versions 2.4.0-p1 and earlier Magento versions 2.3.6 and earlier Description: The issue is related to an access control bypass vulnerability in the Login as Customer module. Successful exploitation...