ChurchCRM 安全漏洞

ChurchCRM is an open-source CRM system developed for churches. Versions of ChurchCRM prior to 7.1.0 contained security vulnerabilities. These vulnerabilities stemmed from improper encoding of the EName and EDesc parameters in the EditEventAttendees.php file, which could lead to cross-site scripti...

CVE-2025-70365

A stored cross-site scripting XSS vulnerability exists in Kiamo before 8.4 due to improper output encoding of user-supplied input in administrative interfaces. An authenticated administrative user can inject arbitrary JavaScript code that is executed in the browser of users viewing the affected...

Linux Distros Unpatched Vulnerability : CVE-2026-5442

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow vulnerability exists in the DICOM image decoder. Dimension fields are encoded using Value Representation VR Unsigned Long UL, instead of...

SUSE CVE-2026-31842

Tinyproxy through 1.11.3 is vulnerable to HTTP request parsing desynchronization due to a case-sensitive comparison of the Transfer-Encoding header in src/reqs.c. The ischunkedtransfer function uses strcmp to compare the header value against "chunked", even though RFC 7230 specifies that...

Improper Encoding or Escaping of Output

Overview org.apache.tomcat:tomcat-catalina is a Tomcat Servlet Engine Core Classes and Standard implementations. Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output in JsonAccessLogValve, which relies on an unescaped append in generating JSON logs. If...

Improper Encoding or Escaping of Output

Overview org.apache.tomcat.embed:tomcat-embed-core is a Core Tomcat implementation. Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output in JsonAccessLogValve, which relies on an unescaped append in generating JSON logs. If non-default values are used for th...

CLSA-2026-1775643576 squid: Fix of CVE-2023-46848

CVE-2023-46848: fix userinfo percent-encoding...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the validate function in the /api/configuration/name configuration API endpoint. An attacker can gain unauthorized read access to sensitive configuration files outside the intended directory by submitting special...

Emissary has a Path Traversal via Blacklist Bypass in Configuration API

Summary The configuration API endpoint /api/configuration/name validated configuration names using a blacklist approach that checked for , /, .., and trailing .. This could potentially be bypassed using URL-encoded variants, double-encoding, or Unicode normalization to achieve path traversal and...

File Browser discloses text file content via /api/resources endpoint bypassing Perm.Download check

Summary The resourceGetHandler in http/resource.go returns full text file content without checking the Perm.Download permission flag. All three other content-serving endpoints /api/raw, /api/preview, /api/subtitle correctly verify this permission before serving content. A user with download: fals...

vim security update

8.0.1763-22.0.1.el810.1 - Remove upstream references Orabug: 31197557 - Added glibc-gconv-extra to common requires to provide ISO-8859-2 Orabug: 34114984 2:8.0.1763-22.1 - RHEL-159620 CVE-2026-33412 vim: Vim: Arbitrary code execution via command injection in glob function - RHEL-155428...

CVE-2026-4406

The CVE concerns Gravity Forms for WordPress (≤ 2.9.30) with a Reflected XSS in the gform_get_config AJAX action via the form_ids parameter. The root cause is that GFCommon::send_json() returns JSON wrapped in HTML comments using echo/wp_die(), sending a text/html header instead of application/js...

DEBIAN-CVE-2026-31789

Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker c...

CVE-2026-39346 OrangeHRM has Improper Access Control Allowing Access to Disabled Modules via URL Encoding

OrangeHRM is a comprehensive human resource management HRM system. From 5.0 to 5.8, OrangeHRM Open Source allowed authenticated users to bypass disabled-module access controls via URL-encoded request paths and access functionality of modules disabled by an administrator. This vulnerability is fix...

EUVD-2026-19856

OrangeHRM is a comprehensive human resource management HRM system. From 5.0 to 5.8, OrangeHRM Open Source allowed authenticated users to bypass disabled-module access controls via URL-encoded request paths and access functionality of modules disabled by an administrator. This vulnerability is fix...

CVE-2026-39346 OrangeHRM has Improper Access Control Allowing Access to Disabled Modules via URL Encoding

OrangeHRM is a comprehensive human resource management HRM system. From 5.0 to 5.8, OrangeHRM Open Source allowed authenticated users to bypass disabled-module access controls via URL-encoded request paths and access functionality of modules disabled by an administrator. This vulnerability is fix...

CVE-2026-39333

ChurchCRM is an open-source church management system. Prior to 7.1.0, he FindFundRaiser.php endpoint reflects user-supplied input DateStart and DateEnd into HTML input field attributes without proper output encoding for the HTML attribute context. An authenticated attacker can craft a malicious U...

CVE-2026-35583

Emissary is a P2P based data-driven workflow engine. Prior to 8.39.0, the configuration API endpoint /api/configuration/name validated configuration names using a blacklist approach that checked for , /, .., and trailing .. This could potentially be bypassed using URL-encoded variants,...

CVE-2026-35583 Emissary has a Path Traversal via Blacklist Bypass in Configuration API

Emissary is a P2P based data-driven workflow engine. Prior to 8.39.0, the configuration API endpoint /api/configuration/name validated configuration names using a blacklist approach that checked for , /, .., and trailing .. This could potentially be bypassed using URL-encoded variants,...

CVE-2026-35583

Emissary is a P2P based data-driven workflow engine. Prior to 8.39.0, the configuration API endpoint /api/configuration/name validated configuration names using a blacklist approach that checked for , /, .., and trailing .. This could potentially be bypassed using URL-encoded variants,...