UBUNTU-CVE-2026-49943

CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-ba...

CVE-2025-69297 WordPress Aardvark Plugin plugin <= 2.19 - Broken Access Control vulnerability

Missing Authorization vulnerability in GhostPool Aardvark Plugin aardvark-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Aardvark Plugin: from n/a through = 2.19...

CVE-2025-69297

CVE-2025-69297 concerns the WordPress Aardvark Plugin (aardvark-plugin) with versions through 2.19, due to Missing Authorization that enables broken access control. The issue affects GhostPool Aardvark Plugin and is described as an Incorrectly Configured Access Control Security Levels vulnerabili...

PT-2026-1023

Name of the Vulnerable Software and Affected Versions Signal K Server versions prior to 2.19.0 Description Signal K Server is a server application used in marine environments. Versions prior to 2.19.0 of the appstore interface allow administrators to install npm packages through a REST API...

CVE-2025-67623 WordPress 6Storage Rentals plugin <= 2.22.0 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in 6Storage 6Storage Rentals 6storage-rentals allows Server Side Request Forgery.This issue affects 6Storage Rentals: from n/a through = 2.22.0...

WordPress plugin Export All Posts 跨站请求伪造漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is ...

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the querystring processing. An attacker can exhaust system resources and disrupt service availability by submitting excessively long Boolean or disjunction queries. PoC GET search "query": "querystring":...

ansible-core-2.19-2.19.4-1.1 on GA media (moderate)

ansible-core-2.19-2.19.4-1.1 on GA media Announcement ID: openSUSE-SU-2025:15754-1 Rating: moderate Cross-References: CVE-2023-5115 CVE-2023-5764 CVE-2024-0690 CVE-2024-11079 CVE-2024-8775 CVE-2024-9902 CVSS scores: CVE-2023-5115 SUSE : 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N CVE-2023-57...

CVE-2025-28041

Incorrect access control in the doFilter function of itranswarp up to 2.19 allows attackers to access sensitive components without authentication...

CVE-2025-28041

Incorrect access control in the doFilter function of itranswarp up to 2.19 allows attackers to access sensitive components without authentication...

OpenSearch Dashboards Reports 安全漏洞

OpenSearch Dashboards Reports is an OpenSearch open source application. It is used to export and automate PNG, PDF and CSV reports in OpenSearch Dashboard. A security vulnerability exists in OpenSearch Dashboards Reports version 2.19, which stems from the Dashboards Reports module containing a...

Point B Getscreen 安全漏洞

Point B Getscreen is a browser-based remote desktop software from Point B Corporation. A security vulnerability exists in Point B Getscreen version 2.19.6, which stems from an unknown function in the file getscreen.msi that can lead to the creation of temporary files with insecure permissions...

SUSE CVE-2015-8400

The HTTPS fallback implementation in Shell In A Box aka shellinabox before 2.19 makes it easier for remote attackers to conduct DNS rebinding attacks via the "/plain" URL...

PT-2019-11334 · Jenkins · Jenkins Slack Notification Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Slack Notification Plugin versions 2.19 and earlier Description: A cross-site request forgery issue allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs, potentially capturing credentials...