6 matches found
CVE-2023-1974
Exposure of Sensitive Information Through Metadata in GitHub repository answerdev/answer prior to 1.0.8...
CVE-2021-24910
The Transposh WordPress Translation WordPress plugin before 1.0.8 does not sanitise and escape the a parameter via an AJAX action available to both unauthenticated and authenticated users when the curl library is installed before outputting it back in the response, leading to a Reflected Cross-Si...
ResourcePack Server Security Vulnerability
ResourcePack Server is a small server for hosting server resource packs, written by Brian Duan, an individual developer in China. A security vulnerability exists in iceice666 ResourcePack Server versions prior to v1.0.8, which stems from a vulnerability that allows remote attackers to disclose files on the...
openBI Access Control Error Vulnerability
openBI is a big data visualization solution from openBI, Inc. An access control error vulnerability exists in openBI prior to version 1.0.8, which stems from a problem with the dlfile function in the /application/index/controller/Screen.php file that could lead to incorrect access control...
GHSA-5V8V-66V8-MWM7 Integer overflow in the bundled Brotli C library
A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli...
Microsoft Actions Http-Client Information Disclosure Vulnerability
Microsoft Actions Http-Client is a lightweight HTTP client from Microsoft (United States). An information disclosure vulnerability exists in Microsoft Actions Http-Client NPM @actions/http-client versions prior to 1.0.8. The vulnerability stems from a configuration or other error in the...