Astra Linux - уязвимость в etcd

An authentication vulnerability has been discovered in Etcd-io v.3.4.10. This vulnerability allows remote attackers to escalate privileges through the debug function...

PT-2026-33907

Name of the Vulnerable Software and Affected Versions OpenEXR versions 3.4.0 through 3.4.0 Description OpenEXR provides the specification and reference implementation of the EXR file format, which is an image storage format used in the motion picture industry. Recommendations At the moment, there...

FreeBSD : OpenEXR -- several integer overflow vulnerabilities (7b83af27-3a86-11f1-90cd-41d47652b1c2)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 7b83af27-3a86-11f1-90cd-41d47652b1c2 advisory. Cary Phillips reports: OpenEXR 3.4.10 is a patch release that addresses the following security...

CVE-2022-47425

Missing Authorization vulnerability in Repute Infosystems ARMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember: from n/a through 3.4.10...

CVE-2022-47425

Missing Authorization vulnerability in Repute Infosystems ARMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember: from n/a through 3.4.10...

PT-2025-50093

Name of the Vulnerable Software and Affected Versions ARMember versions through 3.4.10 Description A missing authorization issue exists in Repute Infosystems ARMember, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update ARMember to a version...

EUVD-2025-27184

Malicious code in bioql PyPI...

CVE-2025-58453

WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in WeGIA versions 3.4.10 and prior in the endpoint /WeGIA/html/memorando/exibeanexo.php, in the idanexo parameter. This vulnerability allow an authorized attacker to execute arbitrary SQL queries,...

CVE-2025-58453

WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in WeGIA versions 3.4.10 and prior in the endpoint /WeGIA/html/memorando/exibeanexo.php, in the idanexo parameter. This vulnerability allow an authorized attacker to execute arbitrary SQL queries,...

CVE-2025-58454 WeGIA vulnerable to Blind Time-Based SQL Injection in endpoint 'listar_despachos.php' parameter 'id_memorando'

WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in WeGIA versions 3.4.10 and prior inthe endpoint /WeGIA/html/memorando/listardespachos.php, in the idmemorando parameter. This vulnerability allow an authorized attacker to execute arbitrary SQL...

CVE-2025-58454 WeGIA vulnerable to Blind Time-Based SQL Injection in endpoint 'listar_despachos.php' parameter 'id_memorando'

WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in WeGIA versions 3.4.10 and prior inthe endpoint /WeGIA/html/memorando/listardespachos.php, in the idmemorando parameter. This vulnerability allow an authorized attacker to execute arbitrary SQL...

CVE-2025-58454 WeGIA vulnerable to Blind Time-Based SQL Injection in endpoint 'listar_despachos.php' parameter 'id_memorando'

WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in WeGIA versions 3.4.10 and prior inthe endpoint /WeGIA/html/memorando/listardespachos.php, in the idmemorando parameter. This vulnerability allow an authorized attacker to execute arbitrary SQL...

CVE-2025-58453 WeGIA vulnerable to Blind Time-Based SQL Injection in endpoint 'exibe_anexo.php' parameter 'id_anexo'

WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in WeGIA versions 3.4.10 and prior in the endpoint /WeGIA/html/memorando/exibeanexo.php, in the idanexo parameter. This vulnerability allow an authorized attacker to execute arbitrary SQL queries,...

CVE-2025-57761

WeGIA is a Web manager for charitable institutions. Prior to 3.4.10, there is a SQL Injection vulnerability in the /html/funcionario/dependenteremover.php endpoint, specifically in the idfuncionario parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the...

CVE-2025-57761

WeGIA is a Web manager for charitable institutions. Prior to 3.4.10, there is a SQL Injection vulnerability in the /html/funcionario/dependenteremover.php endpoint, specifically in the idfuncionario parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the...

CVE-2025-57761 WeGIA SQL Injection vulnerability via 'id_funcionario' param at endpoint `/html/funcionario/dependente_remover.php`

WeGIA is a Web manager for charitable institutions. Prior to 3.4.10, there is a SQL Injection vulnerability in the /html/funcionario/dependenteremover.php endpoint, specifically in the idfuncionario parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the...

CVE-2025-57761 WeGIA SQL Injection vulnerability via 'id_funcionario' param at endpoint `/html/funcionario/dependente_remover.php`

WeGIA is a Web manager for charitable institutions. Prior to 3.4.10, there is a SQL Injection vulnerability in the /html/funcionario/dependenteremover.php endpoint, specifically in the idfuncionario parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the...

CVE-2025-31084 WordPress Sunshine Photo Cart plugin <= 3.4.10 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Object Injection.This issue affects Sunshine Photo Cart: from n/a through = 3.4.10...

WordPress Sunshine Photo Cart plugin <= 3.4.10 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Sunshine Photo Cart versions = 3.4.10...

WordPress Print Labels with Barcodes. Create price tags, product labels, order labels for WooCommerce plugin <= 3.4.10 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Print Barcode Labels for your WooCommerce products/orders versions = 3.4.10...