165 matches found
CVE-2021-33926
An issue in Plone CMS v. 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1rc2, 5.1rc1, 5.1b4, 5.1b3, 5.1b2, 5.1a2, 5.1a1, 5.1.7, 5.1.6, 5.1.5, 5.1.4, 5.1.2, 5.1.1 5.1, 5.0rc3, 5.0rc2, 5.0rc1, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.10, 5.0.1, 5.0, 4.3.9, 4.3.8, 4.3.7, 4.3.6, 4.3.5, 4.3.4...
CVE-2025-61668
Volto is a ReactJS-based frontend for the Plone Content Management System. Versions 16.34.0 and below, 17.0.0 through 17.22.1, 18.0.0 through 18.27.1, and 19.0.0-alpha.1 through 19.0.0-alpha.5, an anonymous user could cause the NodeJS server part of Volto to quit with an error when visiting a...
EUVD-2017-0091
Malware in sbrugna...
EUVD-2008-0008
Malware in sbrugna...
EUVD-2017-0093
Malware in sbrugna...
EUVD-2017-0095
Malware in sbrugna...
EUVD-2017-0096
Malware in sbrugna...
EUVD-2021-0188
Malware in sbrugna...
EUVD-2017-0094
Malware in sbrugna...
EUVD-2008-1400
Malware in sbrugna...
EUVD-2021-0196
Malware in sbrugna...
EUVD-2017-0092
Malware in sbrugna...
EUVD-2022-4607
Malicious code in bioql PyPI...
EUVD-2023-0204
Malicious code in bioql PyPI...
EUVD-2022-2540
Malicious code in bioql PyPI...
EUVD-2024-0263
Malicious code in bioql PyPI...
EUVD-2022-4170
Malicious code in bioql PyPI...
CVE-2025-61668 @plone/volto vulnerable to potential DoS by invoking specific URL by anonymous user
Volto is a ReactJS-based frontend for the Plone Content Management System. Versions 16.34.0 and below, 17.0.0 through 17.22.1, 18.0.0 through 18.27.1, and 19.0.0-alpha.1 through 19.0.0-alpha.5, an anonymous user could cause the NodeJS server part of Volto to quit with an error when visiting a...
CVE-2025-58047
Volto is a React based frontend for the Plone Content Management System. In versions from 19.0.0-alpha.1 to before 19.0.0-alpha.4, 18.0.0 to before 18.24.0, 17.0.0 to before 17.22.1, and prior to 16.34.0, an anonymous user could cause the NodeJS server part of Volto to quit with an error when...
CVE-2021-3313
Plone CMS until version 5.2.4 has a stored Cross-Site Scripting XSS vulnerability in the user fullname property and the file upload functionality. The user's input data is not properly encoded when being echoed back to the user. This data can be interpreted as executable code by the browser and...