CLEANSTART-2026-RG22668 Security fixes for CVE-2026-27145, CVE-2026-39824, CVE-2026-42504, CVE-2026-42507 applied in versions: 1.0.10-r4, 1.0.10-r5

Multiple security vulnerabilities affect the wait-for-port package. These issues are resolved in later releases. See references for individual vulnerability details...

WordPress plugin HAPPY 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

DOMPurify 跨站脚本漏洞

DOMPurify is a JavaScript-based tool developed by Cure53’s individual developer, designed for working with the DOM Document Object Model in HTML, MathML, and SVG. Versions of DOMPurify from 1.0.10 to 3.4.0 contained a cross-site scripting vulnerability. This vulnerability occurred because the...

WordPress plugin Quanzo 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

WordPress Aldo theme <= 1.0.10 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Aldo versions = 1.0.10...

EUVD-2025-205993

Missing Authorization vulnerability in merkulove Slider for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slider for Elementor: from n/a through 1.0.10...

WordPress Crumber plugin <= 1.0.10 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Crumber versions = 1.0.10...

CVE-2025-58759 TinyEnv: Inline comments not stripped properly in .env values

TinyEnv is an environment variable loader for PHP applications. In versions 1.0.9 and 1.0.10, TinyEnv did not properly strip inline comments inside .env values. This could lead to unexpected behavior or misconfiguration, where variables contain unintended characters including or comment text...

Linux Distros Unpatched Vulnerability : CVE-2021-37218

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad and Nomad Enterprise Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality,...

WordPress Tripster theme <= 1.0.10 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Tripster versions = 1.0.10...

CVE-2024-37938

Cross-Site Request Forgery CSRF vulnerability in MyThemeShop SociallyViral.This issue affects SociallyViral: from n/a through 1.0.10...

PT-2024-36558 · Colpack +1 · Colpack +1

Name of the Vulnerable Software and Affected Versions: ColPack versions 1.0.10 through 9a7293a Description: The issue is related to the creation of predictable temporary files in ColPack, located under /tmp with names derived from an unseeded Random Number Generator RNG. This can lead to...

ColPack 安全漏洞

ColPack is a library of graphical coloring algorithms for CSCsw individual developers. A security vulnerability exists in ColPack versions 1.0.10 through 9a7293a and earlier, which stems from a predictable temporary file that could result in overwriting files or preventing other users from drawin...

PT-2022-22348 · Jenkins · Jenkins Deployment Dashboard Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Deployment Dashboard Plugin versions 1.0.10 and earlier Description: A missing permission check in the plugin allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. This issue...

PT-2022-22351 · Jenkins · Jenkins Deployment Dashboard Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Deployment Dashboard Plugin versions 1.0.10 and earlier Description: The issue concerns the storage of a password in an unencrypted form in the global configuration file on the Jenkins controller. This file, specifically...

net.mingsoft:ms-ad (=1.0.0), net.mingsoft:ms-clean (>=1.0.0 <=1.0.1) +23 more potentially affected by CVE-2021-46062 via net.mingsoft:ms-basic (>=1.0.10 <=2.1.15)

net.mingsoft:ms-basic MAVEN version =1.0.10, =1.0.0, =1.0.4, =1.0.0, =4.6.3-SNAPSHOTS, =1.0.0, =1.0.4, =1.0.0, =1.0.1, =1.0.1, =1.0.2 and more Source cves: CVE-2021-46062 Source advisory: OSV:GHSA-RPVR-MW7R-25XX...

Privilege escalation

HashiCorp Nomad and Nomad Enterprise Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.0.10 and 1.1.4...

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress plugin is a WordPress open source application plugin. WordPress Smart Email Alerts plug-in has a cross-site...