CVE-2026-3210

Incorrect Authorization vulnerability in Drupal Material Icons allows Forceful Browsing.This issue affects Material Icons: from 0.0.0 before 2.0.4...

EUVD-2026-15465

Incorrect Authorization vulnerability in Drupal Material Icons allows Forceful Browsing.This issue affects Material Icons: from 0.0.0 before 2.0.4...

CVE-2026-3210

Incorrect Authorization vulnerability in Drupal Material Icons allows Forceful Browsing.This issue affects Material Icons: from 0.0.0 before 2.0.4...

Linux Distros Unpatched Vulnerability : CVE-2016-1000108

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yaws before 2.0.4 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of...

CVE-2023-0777

Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4...

CVE-2025-3733

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal baguetteBox.Js allows Cross-Site Scripting XSS.This issue affects baguetteBox.Js: from 0.0.0 before 2.0.4, from 3.0.0 before 3.0.1...

CVE-2024-13290

Incorrect Authorization vulnerability in Drupal OhDear Integration allows Forceful Browsing.This issue affects OhDear Integration: from 0.0.0 before 2.0.4...

CVE-2024-13256

Insufficient Granularity of Access Control vulnerability in Drupal Email Contact allows Forceful Browsing.This issue affects Email Contact: from 0.0.0 before 2.0.4...

Drupal Email Contact module < 2.0.4 - Unauthenticated Broken Access Control vulnerability

Unauthenticated Broken Access Control vulnerability discovered by Claudiu Cristea in WordPress Module Email Contact versions 2.0.4...

JSONata Security Vulnerabilities

JSONata is a JSON query and transformation language. A security vulnerability exists in JSONata versions 1.4.0 through prior to 2.0.4, which stems from a malicious expression that can override attributes on object constructors and prototypes using conversion operators, which could result in a...

GHSA-4GXF-G5GF-22H4 dottie vulnerable to Prototype Pollution

Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set function and the current variable in the /dottie.js file...

modoboa 安全漏洞

modoboa is an email hosting and management platform for individual developers. A security vulnerability exists in versions prior to modoboa 2.0.4, which stems from improperly limiting excessive authentication attempts...

SUSE CVE-2010-0174

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service memory corruption and application crash or possibly...

modoboa 安全漏洞

modoboa is an email hosting and management platform for individual developers. A security vulnerability exists in versions prior to modoboa 2.0.4. An attacker can bypass authentication by exploiting the vulnerability...

modoboa 跨站请求伪造漏洞

modoboa is an email hosting and management platform for individual developers. modoboa versions prior to 2.0.4 are vulnerable to cross-site request forgery. An attacker could exploit this vulnerability to perform cross-site request forgery CSRF attacks...

CVE-2016-1000108

yaws before 2.0.4 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound...

PT-2019-10401 · WordPress · Ultimate Member

Name of the Vulnerable Software and Affected Versions: Ultimate-member plugin versions prior to 2.0.4 Description: The issue is related to a Cross-Site Scripting XSS problem. Recommendations: For versions prior to 2.0.4, update to version 2.0.4 or later to resolve the issue...

WordPress Ultimate Member plugin path traversal vulnerability (CNVD-2018-09595)

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.Ultimate Member is one of the plug-ins used to create a membership site or online community. A directory traversal...

CVE-2009-0934

Cross-site scripting XSS vulnerability in ejabberd before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to links and MUC logs...

PT-2008-6770 · Netatalk +1 · Netatalk +1

Name of the Vulnerable Software and Affected Versions: Netatalk versions prior to 2.0.4-beta2 Description: The issue allows remote attackers to execute arbitrary commands via shell metacharacters in a print request. This can be achieved by using certain variables in a pipe command for the print...