28719 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-12466
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - openSUSE openbuildservice before 9.2.4 allowed authenticated users to delete packages on specific projects with project links. CVE-2018-12466 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2021-21836
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A speciall...
Linux Distros Unpatched Vulnerability : CVE-2020-10956
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab 8.10 and later through 12.9 is vulnerable to an SSRF in a project import note feature. CVE-2020-10956 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2021-39897
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in GitLab CE/EE version 10.5 and above allowed subgroup members with inherited access to a project from a parent group to still have...
Linux Distros Unpatched Vulnerability : CVE-2021-40572
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The binary MP4Box in Gpac 1.0.1 has a double-free bug in the av1dmxfinalize function in reframeav1.c, which allows attackers to cause a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2023-4630
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions...
Linux Distros Unpatched Vulnerability : CVE-2020-13308
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. A user without 2 factor authentication enabled could be prohibited from...
CVE-2025-9670
CVE-2025-9670 concerns mixmark-io turndown up to 7.2.1, with a vulnerability in src/commonmark-rules.js that leads to inefficient regular-expression handling. IBM Security SOAR versions 51.0.7.x and earlier are affected; IBM recommends upgrading to v51.0.8.0 to address the issue. The vulnerabilit...
GO-2025-3895 HydrAIDE Authentication Bypass Vulnerability in github.com/hydraide/hydraide
HydrAIDE Authentication Bypass Vulnerability in github.com/hydraide/hydraide. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, please...
Malicious code in typescript-api-project (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 398036095e479d925d07bcf55655437c9689808b7e019efbbfc071fcd4c459ac The OpenSSF Package Analysis project identified 'typescript-api-project' @ 10.0.1 npm as malicious. It is considered malicious because: - The...
MAL-2025-41814 Malicious code in typescript-api-project (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 398036095e479d925d07bcf55655437c9689808b7e019efbbfc071fcd4c459ac The OpenSSF Package Analysis project identified 'typescript-api-project' @ 10.0.1 npm as malicious. It is considered malicious because: - The...
itsourcecode Apartment Management System Security Vulnerability
Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter txtMemberType in the file /setting/membertypesetup.php. An attack...
CVE-2025-58335
In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50 information disclosure was possible via search_project function...
CVE-2025-58335
CVE-2025-58335 affects JetBrains Junie prior to multiple build lines (252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50). The vulnerability is an information disclosure via the search_project function, wi...
CVE-2025-54714
Missing Authorization vulnerability in Dylan James Zephyr Project Manager zephyr-project-manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Zephyr Project Manager: from n/a through <= 3.3.201...
CVE-2025-54714
CVE-2025-54714 involves Zephyr Project Manager (WordPress plugin) with a Missing Authorization/Broken Access Control issue affecting versions through 3.3.201. Reported details include CVSS v3.1 base score 7.1 (High) with network attack vector, low privileges required, no user interaction, confide...
CVE-2025-54714 WordPress Zephyr Project Manager Plugin <= 3.3.201 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Dylan James Zephyr Project Manager zephyr-project-manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Zephyr Project Manager: from n/a through <= 3.3.201...
CVE-2025-54714 WordPress Zephyr Project Manager Plugin <= 3.3.201 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Dylan James Zephyr Project Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Zephyr Project Manager: from n/a through 3.3.201...
Hidden Vulnerabilities of Project Management Tools & How FluentPro Backup Secures Them
Every day, businesses, teams, and project managers trust platforms like Trello, Asana, etc., to collaborate and manage tasks. But what happens when that trust is broken? According to a recent report by Statista, the average cost of a data breach worldwide was about $4.88 million. Also, in 2024, t...