23 matches found
CVE-2026-25642
HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.6, files served below the /uploads/ endpoint did not use a more strict security-policy. This resulted in a too open Content-Security-Policy and furthermore opened the possibility to host malicious...
EUVD-2026-5588
HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.6, files served below the /uploads/ endpoint did not use a more strict security-policy. This resulted in a too open Content-Security-Policy and furthermore opened the possibility to host malicious...
CVE-2026-25642 HedgeDoc security headers for uploaded files were not working
HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.6, files served below the /uploads/ endpoint did not use a more strict security-policy. This resulted in a too open Content-Security-Policy and furthermore opened the possibility to host malicious...
PT-2026-6783
Name of the Vulnerable Software and Affected Versions: HedgeDoc versions prior to 1.10.6 Description: HedgeDoc is a real-time, collaborative, markdown notes application. Versions before 1.10.6 had a permissive Content-Security-Policy for files served under the /uploads/ endpoint. This allowed for t...
HedgeDoc Cross-Site Scripting Vulnerability
HedgeDoc is a JavaScript-based platform for real-time editing and sharing of Markdown documents. Versions of HedgeDoc prior to 1.10.6 contained a cross-site scripting vulnerability. This vulnerability stemmed from the lack of stricter security policies applied to files located in the /uploads/...
Fedora 42 : libpcap (2026-1e3425e7ea)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-1e3425e7ea advisory. New version 1.10.6. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...
Fedora: Security Advisory (FEDORA-2026-274010c760)
The remote host is missing an update for the...
Fedora 43 : libpcap (2026-274010c760)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-274010c760 advisory. New version 1.10.6. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...
Slackware Linux 15.0 / current libpcap Multiple Vulnerabilities (SSA:2026-001-02)
The version of libpcap installed on the remote host is prior to 1.10.6. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-001-02 advisory. New libpcap packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the...
WordPress plugin SureMembers Information Disclosure Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. An information disclosure...
WordPress SureMembers plugin <= 1.10.6 - Sensitive Information Exposure vulnerability
Sensitive Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin SureMembers versions <= 1.10.6...
CVE-2015-10098
A vulnerability was found in Broken Link Checker Plugin up to 1.10.5 on WordPress. It has been rated as problematic. Affected by this issue is the function printmodulelist/showwarningssectionnotice/statustext/uigetactionlinks. The manipulation leads to cross site scripting. The attack may be...
Cross site scripting
A vulnerability was found in Broken Link Checker Plugin up to 1.10.5 on WordPress. It has been rated as problematic. Affected by this issue is the function printmodulelist/showwarningssectionnotice/statustext/uigetactionlinks. The manipulation leads to cross site scripting. The attack may be...
PT-2023-13669 · Unknown · Visioweb.Js
Name of the Vulnerable Software and Affected Versions: Visioweb.js version 1.10.6 Description: The issue allows attackers to execute XSS on the client system through prototype pollution in Visioweb.js. This enables malicious activities on the client's system. Recommendations: For Visioweb.js...
Allocation of Resources Without Limits or Throttling
Overview: std/crypto/x509 is a Go standard library package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: The crypto/x509 package does not limit the amount of work performed for each chain...
FreeSWITCH < 1.10.6 Information Disclosure Vulnerability
FreeSWITCH is prone to an information disclosure vulnerability.
ALPINE-CVE-2021-41157
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. By default, SIP requests of the type SUBSCRIBE are not authenticated in the affected versions of FreeSWITCH. Abuse...
FreeSWITCH Access Control Error Vulnerability
FreeSWITCH is a free, open-source communications software program developed by Anthony Minessale, an individual developer in the United States. The software can be used to create audio, video, and SMS products and applications. FreeSWITCH suffers from an Access Control Error vulnerability that...
FreeSWITCH Security Vulnerability
FreeSWITCH is a free, open-source communications software program developed by Anthony Minessale, an individual developer in the United States. The software can be used to create audio, video, and SMS products and applications. A security vulnerability exists in SignalWire freeswitch, which stems...