22 matches found
CVE-2026-45438
Missing Authorization vulnerability in WebToffee Smart Coupons for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Smart Coupons for WooCommerce: from n/a before 2.3.0...
PT-2026-1311
Name of the Vulnerable Software and Affected Versions: muffon versions prior to 2.3.0 Description: muffon is a cross-platform music streaming client for desktop. Versions prior to 2.3.0 have a Remote Code Execution (RCE) issue. An attacker can exploit this by embedding a specially crafted muffon://...
CVE-2025-57349
The messageformat package, an implementation of the Unicode MessageFormat 2 specification for JavaScript, is vulnerable to prototype pollution due to improper handling of message key paths in versions prior to 2.3.0. The flaw arises when processing nested message keys containing special character...
Linux Distros Unpatched Vulnerability : CVE-2023-0866
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3.0-DEV. CVE-2023-0866 Note that Nessus relies on the presence of the package as reported b...
OpenBao Log Information Disclosure Vulnerability
OpenBao is an open source sensitive data management software. Versions of OpenBao prior to 2.3.0 suffer from a log message disclosure vulnerability that attackers can exploit to disclose sensitive information...
CVE-2023-0358
Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV...
PT-2024-30557 · Apollo · Apollo
Name of the Vulnerable Software and Affected Versions: Apollo versions prior to 2.3.0 Description: A vulnerability exists in the synchronization configuration feature that allows users to craft specific requests to bypass permission checks, enabling them to modify a namespace without the necessar...
PT-2023-30474 · WordPress · So Wp Pinyin Slugs
Name of the Vulnerable Software and Affected Versions: SO WP Pinyin Slugs plugin versions prior to 2.3.0 Description: The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin+ privileges. Recommendations: For SO WP Pinyin Slugs plugin version...
GPAC Buffer Error Vulnerability
GPAC is an open source multimedia framework. A buffer error vulnerability exists in versions prior to GPAC v.2.3.0-DEV that stems from the presence of out-of-bounds reads...
PT-2023-32466 · Gpac +1 · Gpac +1
Name of the Vulnerable Software and Affected Versions: gpac versions prior to 2.3.0-DEV Description: The issue is related to an out-of-bounds read in the GitHub repository gpac/gpac. Recommendations: For versions prior to 2.3.0-DEV, update to version 2.3.0-DEV or later to resolve the issue...
BIT-NGINX-INGRESS-CONTROLLER-2022-30535
In versions 2.x before 2.3.0 and all versions of 1.x, an attacker authorized to create or update ingress objects can obtain the secrets available to the NGINX Ingress Controller. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
Broadcom Brocade SANnav Security Vulnerability
Broadcom Brocade SANnav is a suite of SAN management platforms from Broadcom Corporation USA. A security vulnerability exists in Brocade SANnav versions prior to v2.3.0 and v2.2.2a, which originates in the Brocade SANnav web interface and allows unauthenticated remote users to bypass web...
JetBrains Ktor framework Path Traversal Vulnerability
JetBrains Ktor framework is a web application framework from the Czech company JetBrains. A security vulnerability exists in JetBrains Ktor framework versions prior to 2.3.0, which stems from a path traversal vulnerability in the resolveResource method...
GPAC Buffer Error Vulnerability
GPAC is an open source multimedia framework. A security vulnerability exists in versions prior to GPAC v2.3.0-DEV that stems from a heap-based buffer overflow...
DEBIAN-CVE-2023-0358
Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV...
UBUNTU-CVE-2023-0358
Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV...
PT-2022-3992 · Nginx · Nginx Ingress Controller
Name of the Vulnerable Software and Affected Versions: NGINX Ingress Controller versions 1.x and earlier; NGINX Ingress Controller versions 2.x before 2.3.0 Description: The issue is related to insufficient input validation, allowing an authorized attacker to obtain secrets available to the NGINX...
PT-2020-15696 · Jerryscript · Jerryscript
Name of the Vulnerable Software and Affected Versions: JerryScript versions prior to 2.3.0 Description: The issue is related to stack consumption via a function that utilizes new new Proxya, and JSON.parse"",a. The vendor notes that the problem stems from the lack of the --stack-limit option...
PT-2019-12510 · Synology · Synology Calendar
Name of the Vulnerable Software and Affected Versions: Synology Calendar versions prior to 2.3.0-0615 Description: A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the title parameter in the Event Editor. Recommendations: For versions...