5 matches found
PT-2026-47639
Name of the Vulnerable Software and Affected Versions: Product Filter Widget for Elementor versions prior to 1.0.7 Description: Insufficient input sanitization and output escaping allow unauthenticated attackers to inject arbitrary web scripts. This is achieved via a CSRF-style form auto-submission...
@excelltechkylc/code-generator (>=1.0.0 <=1.0.1), @excelltechkylc/compiler (>=1.0.0 <=1.0.1) +5 more potentially affected by CVE-2024-38985 via depath (=1.0.6)
depath NPM version =1.0.6 is affected by a known vulnerability. The following packages have a transitive dependency on depath and may be impacted: - @excelltechkylc/code-generator =1.0.0, =1.0.0, =1.0.6, =1.0.6, =1.0.0, =1.0.4 - vitis-lowcode-renderer =1.0.0 - vitis-lowcode-simulator-renderer...
SUSE CVE-2024-37303
Synapse is an open-source Matrix homeserver. Synapse before version 1.106 allows, by design, unauthenticated remote participants to trigger a download and caching of remote media from a remote homeserver to the local media repository. Such content then also becomes available for download from the...
CVE-2021-33945
RICOH Printer series SP products 320DN, SP 325DNw, SP 320SN, SP 320SFN, SP 325SNw, SP 325SFNw, SP 330SN, Aficio SP 3500SF, SP 221S, SP 220SNw, SP 221SNw, SP 221SF, SP 220SFNw, SP 221SFNw v1.06 were discovered to contain a stack buffer overflow in the file /etc/wpasupplicant.conf. This vulnerabili...
PT-2004-2864 · Openbb · Openbb
Name of the Vulnerable Software and Affected Versions: OpenBB versions 1.0.6 and earlier Description: The issue allows remote attackers to execute arbitrary code by including the code in an image tag or a link, due to cross-site request forgery (CSRF) vulnerabilities in several files, including cp...