CVE-2026-7722

A vulnerability was detected in PrefectHQ prefect up to 3.6.21. This impacts the function endswith of the file /api/health of the component Health Check API. Performing a manipulation results in improper authentication. The attack is possible to be carried out remotely. The exploit is now public...

Improper Authentication

Overview prefect is a Prefect is a new workflow management system, designed for modern infrastructure and powered by the open-source Prefect Core workflow engine. Users organize Tasks into Flows, and Prefect takes care of the rest. Affected versions of this package are vulnerable to Improper...

CVE-2026-7722

A vulnerability was detected in PrefectHQ prefect up to 3.6.21. This impacts the function endswith of the file /api/health of the component Health Check API. Performing a manipulation results in improper authentication. The attack is possible to be carried out remotely. The exploit is now public...

CVE-2026-7722 PrefectHQ prefect Health Check API health endswith improper authentication

A vulnerability was detected in PrefectHQ prefect up to 3.6.21. This impacts the function endswith of the file /api/health of the component Health Check API. Performing a manipulation results in improper authentication. The attack is possible to be carried out remotely. The exploit is now public...

PT-2026-36752

Name of the Vulnerable Software and Affected Versions PrefectHQ prefect versions prior to 3.6.22 Description Improper authentication in the Health Check API allows a remote attacker to perform a manipulation. This issue specifically impacts the endswith function within the '/api/health' endpoint...

CVE-2023-1835

The Ninja Forms Contact Form WordPress plugin before 3.6.22 does not properly escape user input before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

openSUSE Security Advisory (SUSE-SU-2024:1865-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:2265-1 Security update for wireshark

This update for wireshark fixes the following issues: Update to version 3.6.22: - CVE-2024-4854: MONGO and ZigBee TLV dissector infinite loops bsc1224274 - CVE-2024-4853: The editcap command line utility could crash when chopping bytes from the beginning of a packet bsc1224259 - CVE-2024-4855: Th...

WordPress plugin Ninja Forms Contact Form 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

Ninja Forms < 3.6.22 - Reflected XSS

The plugin does not properly escape user input before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open...

Samba 3.x < 3.6.22 / 4.0.x < 4.0.13 / 4.1.x < 4.1.3 Multiple Vulnerabilities

According to its banner, the version of Samba running on the remote host is 3.3.x equal or later than 3.3.10, 3.4.x, 3.5.x, 3.6.x prior to 3.6.22, 4.0.x prior to 4.0.13 or 4.1.x prior to 4.1.3. It is, therefore, potentially affected by multiple vulnerabilities : - A security bypass vulnerability...

CentOS Update for firefox CESA-2011:1268 centos4 i386

Check for the Version of firefox OpenVAS Vulnerability Test CentOS Update for firefox CESA-2011:1268 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...