
11 matches found

Tenable Nessus
added 2025/12/23 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2025-53922

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Galette is a membership management web application for non profit organizations. Starting in version 1.1.4 and prior to version 1.2.0, a user who is logged in a...

CVSS 5.3 | AI score 5.5 | EPSS 0.00034
Exploits 0 | References 2
Cvelist
added 2025/09/24 12:0 a.m. | 6 views

CVE-2025-57327

spmrc is a package that provides the rc manager for spm. A Prototype Pollution vulnerability in the set and config function of spmrc version 1.2.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum...

EPSS 0.00154
Exploits 0 | References 2
OSV
added 2025/01/09 8:15 p.m. | 2 views

CVE-2024-13282

Incorrect Authorization vulnerability in Drupal Block permissions allows Forceful Browsing. This issue affects Block permissions: from 1.0.0 before 1.2.0...

CVSS 8.8 | AI score 5.8 | EPSS 0.00177
Exploits 0 | References 1
CNNVD
added 2024/09/03 12:0 a.m. | 1 views

Template Security Vulnerability

Template is a quick and easy string template library by individual developer Blake Embrey. A security vulnerability exists in Template versions prior to 1.2.0 that stems from the ability to inject and run code in a template if an attacker is authorized to write the template name...

CVSS 9.8 | AI score 6.7 | EPSS 0.00423
Exploits 0 | References 3
OSV
added 2024/03/05 11:15 p.m. | 4 views

AZL-35663 CVE-2024-24786 affecting package kubevirt for versions less than 1.2.0-10

The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

CVSS 7.5 | AI score 6.6 | EPSS 0.00393
Exploits 0 | References 1
CNNVD
added 2023/10/31 12:0 a.m. | 2 views

Pimcore Security Vulnerability

Pimcore is an open source web content management platform from the Austrian company Pimcore for creating and managing web applications. The platform integrates web content management, e-commerce frameworks and product information management applications. A security vulnerability exists in...

CVSS 6.1 | AI score 5.9 | EPSS 0.00011
Exploits 0 | References 4
ATTACKERKB
added 2022/08/01 1:15 p.m. | 4 views

CVE-2022-1950

The Youzify WordPress plugin before 1.2.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection...

CVSS 9.8 | AI score 7.4 | EPSS 0.59651
Exploits 1 | References 3
CNNVD
added 2022/08/01 12:0 a.m. | 3 views

WordPress plugin Youzify SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogging sites on PHP and MySQL servers. A SQL injection vulnerability exists in the...

CVSS 9.8 | AI score 8.5 | EPSS 0.59651
Exploits 1 | References 3
CNNVD
added 2022/04/11 12:0 a.m. | 1 views

Chris Brame Trudesk Code Issue Vulnerability

Chris Brame Trudesk is an open source helpdesk/ticketing solution from Chris Brame, USA. A code issue vulnerability exists in versions prior to Chris Brame Trudesk 1.2.0 that stems from a lack of filtering and escaping in the svg file upload function...

CVSS 9 | AI score 7.5 | EPSS 0.00317
Exploits 1 | References 3
OSV
added 2016/12/20 10:59 p.m. | 1 views

UBUNTU-CVE-2016-4552

Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the href attribute in an area tag in an e-mail message...

CVSS 6.1 | AI score 6.5 | EPSS 0.00276
Exploits 1 | References 4
RedHat Linux
added 2007/09/19 5:26 p.m. | 3 views

Multiple libvorbis flaws (CVE-2007-4066, CVE-2007-4029)

lib/vorbisfile.c in libvorbisfile in Xiph.Org libvorbis before 1.2.0 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted OGG file, aka trac Changeset 13217...

CVSS 6.8 | AI score 5.8 | EPSS 0.05632
Exploits 0 | References 4