Unity Linux 20.1060e / 20.1070e Security Update: ruby (UTSA-2026-017613)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017613 advisory. The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can ...
Slackware Linux 15.0 / current expat Vulnerability (SSA:2025-268-01)
The version of expat installed on the remote host is prior to 2.7.3. It is, therefore, affected by a vulnerability as referenced in the SSA:2025-268-01 advisory. New expat packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding descripti...
GO-2025-3952 Chaos Controller Manager is vulnerable to OS command injection in github.com/chaos-mesh/chaos-mesh
Chaos Controller Manager is vulnerable to OS command injection in github.com/chaos-mesh/chaos-mesh. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...
WordPress plugin Floating Notification Bar, Sticky Menu on Scroll, Announcement Banner, and Sticky Header for Any Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in the...
PT-2024-38099 · WordPress · The Floating Notification Bar
Name of the Vulnerable Software and Affected Versions: The Floating Notification Bar, Sticky Menu on Scroll, Announcement Banner, and Sticky Header for Any WordPress plugin versions prior to 2.7.3 Description: The issue concerns a lack of validation and escaping of certain settings before they ar...
AZL-13569 CVE-2023-25725 affecting package haproxy for versions less than 2.4.22-1
HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some...
HAProxy Security Vulnerability
HAProxy is an open source TCP/HTTP load balancing server from the French company HAProxy. The server provides Layer 4 and Layer 7 proxying and can support tens of thousands of connections with high efficiency and stability. A security vulnerability exists in HAProxy versions prio...
PHPSUGAR PHP Melody SQL Injection Vulnerability (CNVD-2017-32539)
PHPSUGAR PHP Melody is a PHP-based content management system for video websites. A SQL injection vulnerability exists in PHPSUGAR PHP Melody versions prior to 2.7.3. A remote attacker can exploit this vulnerability by sending the 'image' parameter to the admin/editcategory.php file to inject SQL...
PHP Melody Cross-Site Scripting Vulnerability
PHP Melody is a self-hosted video CMS. A cross-site scripting vulnerability exists in PHP Melody versions prior to 2.7.3, which can be exploited by remote attackers to inject arbitrary web script or HTML...