21 matches found
CVE-2025-68475 Fedify has ReDoS Vulnerability in HTML Parsing Regex
Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Prior to versions 1.6.13, 1.7.14, 1.8.15, and 1.9.2, a Regular Expression Denial of Service (ReDoS) vulnerability exists in Fedify's document loader. The HTML parsing regex at...
WordPress BA Book Everything plugin <= 1.8.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via babe-search-form Shortcode vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via babe-search-form Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin BA Book Everything versions <= 1.8.14...
EUVD-2018-1901
Malware in sbrugna...
WordPress plugin WP Mailster cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A cross-site...
CVE-2023-33995
Missing Authorization vulnerability in 10Web Photo Gallery by 10Web photo-gallery allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Photo Gallery by 10Web: from n/a through 1.8.15...
WordPress plugin Photo Gallery by 10Web security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exis...
PT-2024-12455 · 10Web · Photo Gallery
Name of the Vulnerable Software and Affected Versions: Photo Gallery by 10Web versions 1.8.15 and earlier Description: A broken access control vulnerability has been identified in the WordPress Photo Gallery by 10Web plugin. This issue allows exploiting incorrectly configured access control...
WordPress Plugin Photo Gallery by 10Web path traversal vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...
SUSE CVE-2016-7032
sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function...
GHSA-CRHM-QPJC-CM64 Django CSRF Protection Bypass
The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies...
GHSA-CCW8-7688-VQX4 HashiCorp Consul Privilege Escalation Vulnerability
HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.8.15, 1.9.9 and 1.10.2...
PT-2021-21583 · Hashicorp +3 · Hashicorp Consul +4
Name of the Vulnerable Software and Affected Versions: HashiCorp Consul and Consul Enterprise versions prior to 1.8.15 HashiCorp Consul and Consul Enterprise versions prior to 1.9.9 HashiCorp Consul and Consul Enterprise versions prior to 1.10.2 Description: The issue allows non-server agents wit...
pdfbox: unbounded computation in parser resulting in a denial of service
In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree...
haproxy security update
1.8.15-6.1 - - Fix hapack zero byte input causing overwrite CVE-2020-11100, 1819518 1.8.15-6 - Add gating tests 1682106...
MyBB < 1.8.15 Multiple Vulnerabilities (Jun 2018)
MyBB is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mybb:mybb"; ifdescription...
CVE-2018-1000502
MyBB Group MyBB contains a File Inclusion vulnerability in Admin panel Tools and Maintenance - Task Manager - Add New Task that can result in Allows Local File Inclusion on modern PHP versions and Remote File Inclusion on ancient PHP versions. This attack appear to be exploitable via Must have...
MyBB <= 1.8.15 Open Redirection Vulnerability
MyBB is prone to an open redirect vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mybb:mybb"; ifdescription...
MyBB Redirection Vulnerability
MyBB aka MyBulletinBoard is a free and web-based forum software developed by MyBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. A security vulnerability exists in MyBB version 1.8.15, which is caused by the program failing to...
Apache Subversion Security Bypass Vulnerability
Apache Subversion is an open source version control system from the Apache Software Foundation in the United States. The system is mainly intended to be compatible with the concurrent version management system CVS. A security bypass vulnerability exists in Apache Subversion versions 1.9.0 through 1.9....