4 matches found
UBUNTU-CVE-2026-54902
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to version 3.17.2, is vulnerable to Use-After-Free when in SAJ mode. The Oj::Parser does not protect cached object keys ≥ 35 bytes from garbage collection, and a Ruby callback that triggers GC inside hashend ca...
CVE-2026-31924
Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. tencent-cloud-cls log export uses plaintext HTTP This issue affects Apache APISIX: from 2.99.0 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which fixes the issue...
PT-2026-25341
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.24.0 Description FreeRDP is a free implementation of the Remote Desktop Protocol. A flaw exists in the freerdp bitmap decompress planar function where an out-of-bounds read can occur when the SrcSize is 0. The...
WordPress Advance Seat Reservation Management for WooCommerce plugin <= 3.3 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by Aiden Thái An in WordPress Plugin Advance Seat Reservation Management for WooCommerce versions = 3.3...