CVE-2026-41134

Kiota is an OpenAPI-based HTTP client code generator. Versions prior to 1.31.1 are affected by a code-generation literal injection vulnerability in multiple writer sinks ( serialization/deserialization keys, path/query parameter mappings, URL template metadata, enum/property metadata, and default...

Kiota: Code Generation Literal Injection

CVE Advisory CVE-2026-41134: Code Generation Literal Injection in Kiota Summary Kiota versions prior to 1.31.1 are affected by a code-generation literal injection vulnerability in multiple writer sinks for example: serialization/deserialization keys, path/query parameter mappings, URL template...

CVE-2025-12220

Busybox 1.31.1 - Multiple Known Vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...

CVE-2025-12220

Busybox 1.31.1 - Multiple Known Vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...

CVE-2025-12220 Busybox 1.31.1 - Multiple Known Vulnerabilities

Busybox 1.31.1 - Multiple Known Vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...

CVE-2025-12220

The vulnerability CVE-2025-12220 affects Busybox 1.31.1 and impacts Azure Access Technology BLU-IC2 (through 1.19.5) and BLU-IC4 (through 1.19.5). The root cause is issues in Busybox within these devices; exact technical details are not included in the provided documents. Remediation: update Busy...

WordPress Accessibility Checker by Equalize Digital Plugin <= 1.31.0 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Certus Cybersecurity in WordPress Plugin Accessibility Checker by Equalize Digital versions = 1.31.0...

WordPress Accessibility Checker by Equalize Digital Plugin <= 1.31.0 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Certus Cybersecurity in WordPress Plugin Accessibility Checker by Equalize Digital versions = 1.31.0...

Linux Distros Unpatched Vulnerability : CVE-2018-0504

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains an information disclosure flaw in the Special:Redirect/logid CVE-2018-0504 Note that Nessus...

lakeFS 安全漏洞

lakeFS is an open source tool from Treeverse Open Source that converts your object store into a Git-like repository. A security vulnerability exists in lakeFS version 1.31.1, which stems from the fact that when a new user is created with the username of a deleted user, the new user inherits all t...

PT-2024-31787 · Envoy · Envoy

Name of the Vulnerable Software and Affected Versions: Envoy versions 1.31 through 1.31.1 Description: Envoy is a cloud-native high-performance edge/middle/service proxy. In version 1.31, Envoy is using oghttp as the default HTTP/2 codec, and there are potential bugs around stream management in t...

Critical: Red Hat Security Advisory: Release of OpenShift Serverless 1.31.1

Red Hat OpenShift Serverless version 1.31.1 is now available. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...

WordPress plugin Advanced Ads 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service. This attack appears to be exploitable via network client. This vulnerability appears to have been fixed in >= 1.31.1.

...

UBUNTU-CVE-2015-1853

chrony before 1.31.1 does not properly protect state variables in authenticated symmetric NTP associations, which allows remote attackers with knowledge of NTP peering to cause a denial of service inability to synchronize via random timestamps in crafted NTP data packets...

nghttp2: Null pointer dereference when too large ALTSVC frame is received

nghttp2 version = 1.10.0 and nghttp2 = 1.31.1...

nghttp2: Null pointer dereference when too large ALTSVC frame is received

nghttp2 version = 1.10.0 and nghttp2 = 1.31.1...

SUSE-RU-2019:0386-1 Security update for rust

Rust was updated to version 1.31.1...

DEBIAN-CVE-2018-0505

Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock...

Security fix for the ALT Linux 9 package mediawiki version 1.31.1-alt1

Sept. 29, 2018 Vitaly Lipatov 1.31.1-alt1 - new version 1.31.1 with rpmrb script - CVE-2018-0503, CVE-2018-0505, CVE-2018-1325 - fix apache configs...