Astra Linux - уязвимость в rustc

In the standard library of Rust before version 1.52.0, a double-free error can occur in the Vec::fromiter function if the process of freeing the element causes a panic...

Astra Linux - уязвимость в espeak-ng

It was discovered that Espeak-ng 1.52-dev contains a buffer overflow issue due to a function called SetUpPhonemeTable in the synthdata.c file...

CVE-2025-68842

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in totalbounty Widget Logic Visual widget-logic-visual allows Reflected XSS.This issue affects Widget Logic Visual: from n/a through = 1.52...

CVE-2025-68842 WordPress Widget Logic Visual plugin <= 1.52 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in totalbounty Widget Logic Visual widget-logic-visual allows Reflected XSS.This issue affects Widget Logic Visual: from n/a through = 1.52...

CVE-2025-68842 WordPress Widget Logic Visual plugin <= 1.52 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in totalbounty Widget Logic Visual widget-logic-visual allows Reflected XSS.This issue affects Widget Logic Visual: from n/a through = 1.52...

PT-2026-21104

Name of the Vulnerable Software and Affected Versions Widget Logic Visual versions through 1.52 Description The software contains a flaw related to improper handling of user-supplied data when creating web pages, potentially leading to Reflected Cross-site Scripting XSS. This means an attacker...

WordPress plugin Widget Logic Visual 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

CVE-2025-57920

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CK MacLeod Category Featured Images Extended category-featured-images-extended allows Stored XSS.This issue affects Category Featured Images Extended: from n/a through = 1.52...

CVE-2025-57920 WordPress Category Featured Images Extended Plugin <= 1.52 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CK MacLeod Category Featured Images Extended category-featured-images-extended allows Stored XSS.This issue affects Category Featured Images Extended: from n/a through = 1.52...

PT-2025-38771

Name of the Vulnerable Software and Affected Versions CK MacLeod Category Featured Images Extended versions through 1.52 Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting XSS. This means that...

Espeak-ng 1.52-dev was discovered to contain a Buffer Overflow

...

CVE-2024-55964

An issue was discovered in Appsmith before 1.52. An incorrectly configured PostgreSQL instance in the Appsmith image leads to remote command execution inside the Appsmith Docker container. The attacker must be able to access Appsmith, login to it, create a datasource, create a query against that...

CVE-2024-1275 Vulnerability in Baxter Welch Allyn Connex Spot Monitor

Use of Default Cryptographic Key vulnerability in Baxter Welch Allyn Connex Spot Monitor may allow Configuration/Environment Manipulation.This issue affects Welch Allyn Connex Spot Monitor in all versions prior to 1.52...

OESA-2024-1021 espeak-ng security update

The eSpeak NG is a compact open source software text-to-speech synthesizer for Linux, Windows, Android and other operating systems. It supports 70 languages and accents. It is based on the eSpeak engine created by Jonathan Duddington. Security Fixes: Espeak-ng 1.52-dev was discovered to contain a...

SUSE CVE-2023-49991

Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Underflow via the function CountVowelPosition at synthdata.c...

eSpeak NG Security Vulnerability

eSpeak NG is an open source software text-to-speech synthesizer from eSpeak NG Open Source. A security vulnerability exists in eSpeak NG version 1.52-dev, which stems from a floating point exception in the PeaksToHarmspect method of the wavegen.c file...

CVE-2021-32632 CSRF allowing modification of commands, modules, banphrases through hidden iFrames

Pajbot is a Twitch chat bot. Pajbot versions prior to 1.52 are vulnerable to cross-site request forgery CSRF. Hosters of the bot should upgrade to v1.52 or stable to install the patch or, as a workaround, can add one modern dependency...

In the standard library in Rust before 1.52.0 the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again.

...

PT-2021-14660 · Jenkins · Jenkins Configuration Slicing Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Configuration Slicing Plugin versions 1.51 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to apply different slice configurations to attacker-specified jobs. This issue arises because the for...

PT-2019-2298 · Jenkins · Jenkins Script Security Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Script Security Plugin versions 1.52 and earlier Description: A sandbox bypass issue exists that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM by providing a Groovy script to an HTTP...