119 matches found
CVE-2026-41073
RT is an open source, enterprise-grade issue and ticket tracking system. Versions prior to 5.0.10 and 6.0.0 through 6.0.2 contain a spreadsheet CSV/formula injection vulnerability. User-controlled data in spreadsheet exports is not sanitized before being written to the output file, which can caus...
EUVD-2026-31269
Request Tracker is vulnerable to a reflected cross-site scripting XSS vulnerability via the "Page" parameter in GET requests. An attacker can craft a URL that, when opened, results in arbitrary JavaScript execution in the victim’s browser. This vulnerability affects versions from 5.0.4 up to 5.0....
CVE-2026-6841
Request Tracker is vulnerable to a reflected cross-site scripting XSS vulnerability via the "Page" parameter in GET requests. An attacker can craft a URL that, when opened, results in arbitrary JavaScript execution in the victim’s browser. This vulnerability affects versions from 5.0.4 up to 5.0....
CVE-2025-70069
An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXConverter.cpp and ConvertMeshMultiMaterial method...
PT-2026-36809
Name of the Vulnerable Software and Affected Versions Assimp version 6.0.2 Description A remote attacker can cause a denial of service through the MeshGeometry::MeshGeometry function within the FBXMeshGeometry.cpp file. Recommendations At the moment, there is no information about a newer version...
WordPress Checkout with Cash App on WooCommerce plugin <= 6.0.2 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Checkout with Cash App on WooCommerce versions = 6.0.2...
PT-2026-5877
Name of the Vulnerable Software and Affected Versions Django versions prior to 6.0.2 Django versions prior to 5.2.11 Django versions prior to 4.2.28 Django versions 5.0.x and earlier Django versions 4.1.x and earlier Django versions 3.2.x and earlier Description The...
CVE-2026-24814 A integer overflow in swoole/swoole-src
Integer Overflow or Wraparound vulnerability in swoole swoole-src thirdparty/hiredis modules. This vulnerability is associated with program files sds.C. This issue affects swoole-src: before 6.0.2...
CVE-2025-61873
Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...
UBUNTU-CVE-2025-61873
Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...
CVE-2025-61873
Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...
CVE-2025-12066
The WP Delete Post Copies plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 6.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
CVE-2025-12066
The WP Delete Post Copies plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 6.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
PT-2025-47712
The WP Delete Post Copies plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 6.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
EUVD-2021-22796
Malware in sbrugna...
EUVD-2005-2285
Malware in sbrugna...
EUVD-2022-53925
Malicious code in bioql PyPI...
EUVD-2024-50081
Malicious code in bioql PyPI...
EUVD-2022-0743
Malicious code in bioql PyPI...
EUVD-2022-4194
Malicious code in bioql PyPI...