DEBIAN-CVE-2026-45300

The AsyncHttpClient AHC library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. Versions on the 2.x branch prior to 2.15.0 and the 3.x branch prior to 3.0.10 leak Cookie headers to cross-origin redirect targets. When following a redirect to a...

Wireshark 3.0.x < 3.0.10 A Vulnerability

The version of Wireshark installed on the remote Windows host is prior to 3.0.10. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.0.10 advisory. - In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed ...

CVE-2026-34203

Nautobot is a Network Source of Truth and Network Automation Platform. Prior to versions 2.4.30 and 3.0.10, user creation and editing via the REST API fails to apply the password validation rules defined by Django's AUTHPASSWORDVALIDATORS setting which defaults to an empty list, i.e., no specific...

CVE-2026-34203

Nautobot is a Network Source of Truth and Network Automation Platform. Prior to versions 2.4.30 and 3.0.10, user creation and editing via the REST API fails to apply the password validation rules defined by Django's AUTHPASSWORDVALIDATORS setting which defaults to an empty list, i.e., no specific...

WordPress Exhibz theme <= 3.0.9 - Local File Inclusion vulnerability

Software : Exhibz Type : Theme Vulnerable versions : = 3.0.9 Fixed in : 3.0.10 OWASP Top 10 : A3: Injection Classification : Local File Inclusion CVE ID : CVE-2025-67523 Patchstack priority : Low CVSS severity : 7.5 Required privilege : Contributor Developer : Claim ownership PSID : 211f5649fefe...

Unverified Password Change

Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Unverified Password Change via the profile update process. An attacker can gain unauthorized access to user accounts by changing the email address associated with an account without additional verification...

WordPress plugin Simple Banner 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

EUVD-2016-5857

Malware in sbrugna...

EUVD-2016-5862

Malware in sbrugna...

EUVD-2016-5861

Malware in sbrugna...

EUVD-2025-18922

Malicious code in bioql PyPI...

EUVD-2024-2502

Malicious code in bioql PyPI...

EUVD-2023-2120

Malicious code in bioql PyPI...

EUVD-2023-59161

Malicious code in bioql PyPI...

EUVD-2023-1924

Malicious code in bioql PyPI...

EUVD-2023-1962

Malicious code in bioql PyPI...

SUSE CVE-2025-6545

Improper Input Validation vulnerability in pbkdf2 allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/to-buffer.Js. This issue affects pbkdf2: from 3.0.10 through 3.1.2...

WordPress plugin Domain For Sale 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2023-3565

Cross-site Scripting XSS - Generic in GitHub repository nilsteampassnet/teampass prior to 3.0.10...

CVE-2023-3531

Cross-site Scripting XSS - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.10...