74 matches found
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ACPI: EC – Fixed an oops error when removing custom query handlers When removing custom query handlers, the handler may still be used within the EC query workqueue. This could lead to a kernel oops if the module that holds the...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013335)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013335 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fix oops when removing custom query handlers When removing custom query handlers, the...
CVE-2026-39575
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ronald Huereca Custom Query Blocks post-type-archive-mapping allows DOM-Based XSS.This issue affects Custom Query Blocks: from n/a through = 5.5.0...
EUVD-2026-20223
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ronald Huereca Custom Query Blocks post-type-archive-mapping allows DOM-Based XSS.This issue affects Custom Query Blocks: from n/a through = 5.5.0...
CVE-2026-39575
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ronald Huereca Custom Query Blocks post-type-archive-mapping allows DOM-Based XSS.This issue affects Custom Query Blocks: from n/a through = 5.5.0...
CVE-2026-39575 WordPress Custom Query Blocks plugin <= 5.5.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ronald Huereca Custom Query Blocks post-type-archive-mapping allows DOM-Based XSS.This issue affects Custom Query Blocks: from n/a through = 5.5.0...
CVE-2026-39575 WordPress Custom Query Blocks plugin <= 5.5.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ronald Huereca Custom Query Blocks post-type-archive-mapping allows DOM-Based XSS.This issue affects Custom Query Blocks: from n/a through = 5.5.0...
CVE-2026-39575
CVE-2026-39575 affects the WordPress plugin “Custom Query Blocks” (Ronald Huereca) for the post-type-archive-mapping feature, with DOM-based XSS caused by improper neutralization of input during web page generation. Affected versions are
CVE-2026-39575
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ronald Huereca Custom Query Blocks post-type-archive-mapping allows DOM-Based XSS.This issue affects Custom Query Blocks: from n/a through = 5.5.0...
PT-2026-31162
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ronald Huereca Custom Query Blocks post-type-archive-mapping allows DOM-Based XSS.This issue affects Custom Query Blocks: from n/a through = 5.5.0...
WordPress plugin Custom Query Blocks 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-30979
A vulnerability was identified in PowerJob 5.1.0/5.1.1/5.1.2. Impacted is an unknown function of the file powerjob-server/powerjob-server-starter/src/main/java/tech/powerjob/server/web/controller/InstanceController.java of the component detailPlus Endpoint. The manipulation of the argument...
Allocation of Resources Without Limits or Throttling
Overview llama-index is an Interface between LLMs and your data Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the customquery function. An attacker can cause excessive CPU or memory consumption by submitting crafted prompts that...
PYSEC-2026-86
LlamaIndex run-llama/llamaindex versions up to and including 0.12.2 contain an uncontrolled resource consumption vulnerability in the VannaPack VannaQueryEngine implementation. The customquery logic generates SQL statements from a user-supplied prompt and executes them via vn.runsql without...
CVE-2024-58339
LlamaIndex run-llama/llamaindex versions up to and including 0.12.2 contain an uncontrolled resource consumption vulnerability in the VannaPack VannaQueryEngine implementation. The customquery logic generates SQL statements from a user-supplied prompt and executes them via vn.runsql without...
PT-2026-2318
Name of the Vulnerable Software and Affected Versions LlamaIndex versions up to and including 0.12.2 Description LlamaIndex versions up to and including 0.12.2 have an issue where resource consumption is not properly controlled in the VannaPack VannaQueryEngine implementation. The custom query...
SUSE CVE-2023-54244
In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fix oops when removing custom query handlers When removing custom query handlers, the handler might still be used inside the EC query workqueue, causing a kernel oops if the module holding the callback function was...
Linux Distros Unpatched Vulnerability : CVE-2023-54244
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ACPI: EC: Fix oops when removing custom query handlers When removing custom query handlers, the handler might still be used inside the EC query workqueue, causi...
EUVD-2023-60397
In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fix oops when removing custom query handlers When removing custom query handlers, the handler might still be used inside the EC query workqueue, causing a kernel oops if the module holding the callback function was...
CVE-2023-54244
In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fix oops when removing custom query handlers When removing custom query handlers, the handler might still be used inside the EC query workqueue, causing a kernel oops if the module holding the callback function was...