CVE-2026-43504

An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when modproxy65 is enabled. Because modproxy65 mishandles access control in a paused scenario, relaying of unauthenticated traffic can occur...

CVE-2026-43506

An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5. A Denial of Service can occur via memory exhaustion caused by memory leaks from unauthenticated connections...

CVE-2026-43505

An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when modproxy65 is enabled. Because modproxy65 mishandles access control in the activation scenario, relaying of unauthenticated traffic can occur...

CVE-2026-43506

An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5. A Denial of Service can occur via memory exhaustion caused by memory leaks from unauthenticated connections...

CVE-2026-43505

An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when modproxy65 is enabled. Because modproxy65 mishandles access control in the activation scenario, relaying of unauthenticated traffic can occur...

CVE-2024-34694

LNbits is a Lightning wallet and accounts system. Paying invoices in Eclair that do not get settled within the internal timeout about 30s lead to a payment being considered failed, even though it may still be in flight. This vulnerability can lead to a total loss of funds for the node backend. Th...

EUVD-2021-0114

Malware in sbrugna...

EUVD-2019-0154

Malware in sbrugna...

CVE-2021-32091

A Cross-site scripting XSS vulnerability exists in StackLift LocalStack 0.12.6...

CVE-2019-19588

The validators package 0.12.2 through 0.12.5 for Python enters an infinite loop when validators.domain is called with a crafted domain string. This is fixed in 0.12.6...

OPENSUSE-SU-2023:0102-1 Security update for editorconfig-core-c

This update for editorconfig-core-c fixes the following issues: Update to version 0.12.6: - CVE-2023-0341: Fixed a buffer overflow in ecblob boo1211032 - Update property key, value length limits per spec change...

SUSE CVE-2019-19588

The validators package 0.12.2 through 0.12.5 for Python enters an infinite loop when validators.domain is called with a crafted domain string. This is fixed in 0.12.6...

PT-2023-16194 · Unknown +3 · Editorconfig-Core-C +3

Name of the Vulnerable Software and Affected Versions: editorconfig-core-c versions prior to 0.12.6 Description: A stack buffer overflow exists in the ec glob function, allowing an attacker to arbitrarily write to the stack and possibly enabling remote code execution. This issue is resolved in...

CVE-2022-35583

wkhtmlTOpdf 0.12.6 is vulnerable to SSRF which allows an attacker to get initial access into the target's system by injecting iframe tag with initial asset IP address on it's source. This allows the attacker to takeover the whole infrastructure by accessing their internal assets...

wkhtmltopdf 代码问题漏洞

wkhtmltopdf is wkhtmltopdf open source a library . Used to convert HTML to PDF. A code issue vulnerability exists in wkhtmltopdf version 0.12.6, which stems from the fact that it allows an attacker to gain initial access to a target system by injecting an iframe tag with the IP address of the...

gogs 代码问题漏洞

Gogs Go Git Service is a self-service Git hosting service based on the Go language by the GOGS team, which supports creating and migrating public/private repositories, adding and deleting repository collaborators, and so on. A security vulnerability exists in versions prior to gogs 0.12.6, which...

GHSA-77CR-6GR8-7RR9 Use After Free in HashiCorp Nomad

HashiCorp Nomad and Nomad Enterprise version 0.9.0 up to 0.12.5 client file sandbox feature can be subverted using either the template or artifact stanzas. Fixed in 0.12.6, 0.11.5, and 0.10.6...

PYSEC-2021-101

The dashboard component of StackLift LocalStack 0.12.6 allows attackers to inject arbitrary shell commands via the functionName parameter...

PYSEC-2021-102

A Cross-site scripting XSS vulnerability exists in StackLift LocalStack 0.12.6...

StackLift LocalStack 命令注入漏洞

StackLift LocalStack is a StackLift open source application. Provides an easy-to-use testing framework for cloud applications. A command injection vulnerability exists in StackLift LocalStack version 0.12.6, which can be exploited by an attacker to inject arbitrary shell commands via the...