15 matches found
CVE-2026-0944
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Group invite allows Forceful Browsing. This issue affects Group invite: from 0.0.0 before 2.3.9, from 3.0.0 before 3.0.4, from 4.0.0 before 4.0.4...
CVE-2026-1464
Integer Overflow or Wraparound vulnerability in MuntashirAkon AppManager app/src/main/java/org/apache/commons/compress/archivers/tar modules. This vulnerability is associated with program files TarUtils.Java. This issue affects AppManager: before 4.0.4...
CVE-2026-1464 A possible integer overflow vulnerability in RawTherapee/RawTherapee
Integer Overflow or Wraparound vulnerability in MuntashirAkon AppManager app/src/main/java/org/apache/commons/compress/archivers/tar modules. This vulnerability is associated with program files TarUtils.Java. This issue affects AppManager: before 4.0.4...
PT-2026-4860
Integer Overflow or Wraparound vulnerability in MuntashirAkon AppManager app/src/main/java/org/apache/commons/compress/archivers/tar modules. This vulnerability is associated with program files TarUtils.Java. This issue affects AppManager: before 4.0.4...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001948)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001948 advisory. Use-after-free vulnerability in the path_openat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or...
WordPress plugin Testimonials Widget Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
LiteSpeed Technologies LiteSpeed QUIC Security Vulnerability
LiteSpeed Technologies LiteSpeed QUIC (LSQUIC) is an open source implementation of QUIC and HTTP/3 functionality for servers and clients from LiteSpeed Technologies, USA. A security vulnerability exists in LiteSpeed Technologies LiteSpeed QUIC versions prior to 4.0.4, which stems from a mishandled...
PT-2023-30724 · Grocy · Grocy
Name of the Vulnerable Software and Affected Versions: Grocy versions prior to 4.0.4 Description: The issue allows attackers to inject arbitrary HTML content without script execution, occurring when user-supplied data is not properly sanitized. This enables the injection of HTML tags through...
Omeka S Security Vulnerability
Omeka S is an open source web content management system (CMS) from Omeka, Inc. that specializes in creating and managing digital exhibitions and online digital archives. It is a new version of the Omeka project, and unlike the traditional Omeka Classic, Omeka S emphasizes multi-user collaboration a...
GHSA-8Q4V-35V6-G8WR Mattermost Server is vulnerable to CSV Injection
An issue was discovered in Mattermost Server before 4.0.4 and 3.10.3. It allows CSV injection via a compliance report...
Admidio Code Issue Vulnerability
Admidio is an open source member management system from the Admidio team. The system supports member lists, event management, guestbooks, photo albums and downloads. A security vulnerability exists in versions prior to Admidio 4.0.4, which stems from the fact that someone with upload privileges c...
Redmine Cross-Site Scripting Vulnerability (CNVD-2020-13535)
Redmine is an open source, web-based project management and defect tracking tool. A cross-site scripting vulnerability exists in Redmine versions prior to 3.4.11 and 4.0.x prior to 4.0.4. The vulnerability stems from a lack of proper validation of client-side data in the WEB application and can b...
CVE-2018-0577
Cross-site scripting vulnerability in WP Google Map Plugin prior to version 4.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Rubrik CDM Certificate Validation Vulnerability
Rubrik CDM is a cloud data management system from Rubrik USA. The system integrates backup, instant recovery, replication, search, analytics, archiving and replication data management into one secure architecture in the data center and in the cloud. A certificate validation vulnerability exists i...
UBUNTU-CVE-2016-1241
Tryton 3.x before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allow remote authenticated users to discover user password hashes via unspecified vectors...