Lucene search

18 matches found

OSV
added 2026/05/18 12:56 p.m., 3 views

CLEANSTART-2026-GB83728 Security fixes for CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 1.14.0-r0, 1.14.0-r1, 1.14.0-r2

Multiple security vulnerabilities affect the velero-plugin-for-microsoft-azure-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CVSS 9.8, AI score 6.9, EPSS 0.00054
Exploits: 1, References: 39
CNNVD
added 2026/03/05 12:0 a.m., 2 views

WordPress plugin Midi security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CVSS 8.1, AI score 5.8, EPSS 0.00172
Exploits: 0, References: 1
Patchstack
added 2026/03/02 11:32 a.m., 2 views

WordPress Foodie theme <= 1.14 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Foodie versions <= 1.14...

CVSS 8.1, AI score 5.9, EPSS 0.00172
Exploits: 0, Affected Software: 1
CVE
added 2025/09/06 3:22 a.m., 16 views

CVE-2025-9493

CVE-2025-9493 describes a Stored Cross-Site Scripting vulnerability in the WordPress plugin Admin Menu Editor. The root cause is insufficient input sanitization and output escaping for the placeholder parameter, enabling an authenticated attacker with Author-level access or higher to inject scrip...

CVSS 6.4, AI score 4.7, EPSS 0.00066
Exploits: 0, References: 4
Patchstack
added 2025/09/05 9:49 a.m., 3 views

WordPress Post Custom Templates Lite plugin <= 1.14 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting (XSS) vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Post Custom Templates Lite versions <= 1.14...

CVSS 7.1, AI score 6.1, EPSS 0.0027
Exploits: 0, Affected Software: 1
OSV
added 2025/08/29 5:15 p.m., 1 views

CVE-2025-55763

Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 latest allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of...

CVSS 7.5, AI score 8.5, EPSS 0.03251
Exploits: 2, References: 2
OSV
added 2025/08/29 5:15 p.m., 0 views

UBUNTU-CVE-2025-55763

Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 latest allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of...

CVSS 7.5, AI score 6.6, EPSS 0.03251
Exploits: 2, References: 5
CVE
added 2025/08/29 12:0 a.m., 20 views

CVE-2025-55763

CVE-2025-55763 describes a buffer overflow in CivetWeb’s URI parser (versions 1.14–1.16) that can be triggered by a crafted HTTP request, allowing a remote attacker to potentially execute arbitrary code or cause a denial of service by corrupting heap memory during request processing. The connecte...

CVSS 7.5, AI score 8.3, EPSS 0.03251
Exploits: 2, References: 2, Affected Software: 1
Debian CVE
added 2025/08/29 12:0 a.m., 3 views

CVE-2025-55763

Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 latest allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of...

CVSS 7.5, AI score 6.7, EPSS 0.03251
Exploits: 2
Cvelist
added 2025/08/29 12:0 a.m., 6 views

CVE-2025-55763

Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 latest allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of...

EPSS 0.03251
Exploits: 2, References: 2
Positive Technologies
added 2024/02/20 12:0 a.m., 2 views

PT-2024-21050 · Cilium · Cilium

Name of the Vulnerable Software and Affected Versions: Cilium versions 1.14 through 1.14.6
Description: The issue affects Cilium users who are using CRDs to store Cilium state and WireGuard transparent encryption. Traffic to and from the Ingress and health endpoints is not encrypted. This issue...

CVSS 6.1, AI score 6.9, EPSS 0.00051
Exploits: 0, References: 16
vulnersOsv
added 2023/10/09 11:46 p.m., 1 views

@archey347/uf_blog (=0.0.0), @boldreports/angular-reporting-components (>=5.1.20 <=11.1.10) +19 more potentially affected by CVE-2025-3573 via jquery-validation (>=1.14.0 <=1.19.5)

jquery-validation NPM version =1.14.0, =5.1.20, =5.1.20, =5.1.20, =0.0.4, =4.0.0, =5.0.0, =0.0.2, =0.2.2, =3.0.0, =5.0.0, =5.0.0, =0.11.28, =0.0.8, =0.0.13 and more Source cves: CVE-2025-3573 Source advisory: SNYK:JS-JQUERYVALIDATION-5952285...

CVSS 6.1, AI score 6.7, EPSS 0.00341
Exploits: 0
vulnersOsv
added 2020/05/21 9:8 p.m., 1 views

ai.preferred:venom (>=4.1.3 <=4.2.5), at.ganzleicht.vaadin:vaadin-client-compiler (>=9.1.1 <=9.1.2) +1591 more potentially affected by CVE-2020-5529 via net.sourceforge.htmlunit:htmlunit (>=1.14 <=2.36.0)

net.sourceforge.htmlunit:htmlunit MAVEN version =1.14, =4.1.3, =9.1.1, =1.0.0, =1.0.0, =1.0.0, =0.0.2, =1, =0.9.6, =0.9.6, =0.1.1, =0.5.0, =0.11.1, =0.30.0 and more Source cves: CVE-2020-5529 Source advisory: OSV:GHSA-5MH9-R3RR-9597...

CVSS 8.1, AI score 6.8, EPSS 0.0164
Exploits: 0
OSV
added 2020/05/11 11:15 p.m., 2 views

CVE-2020-10024

The arm platform-specific code uses a signed integer comparison when validating system call numbers. An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001. This issue affects: zephyrproject-rtos zephyr version 1.14.0 a...

CVSS 7.8, AI score 7.5, EPSS 0.00092
Exploits: 0, References: 5
CNVD
added 2017/09/02 12:0 a.m., 2 views

SimpleSAMLphp Security Bypass Vulnerability (CNVD-2017-24382)

SimpleSAMLphp is a PHP authentication application that implements the SAML2.0 service provider and identity provider functionality. A security bypass vulnerability exists in SimpleSAMLphp 1.14.x through 1.14.11, which can be exploited by attackers to bypass security restrictions and perform...

CVSS 5.9, AI score 5.8, EPSS 0.0008
Exploits: 0, References: 1
OSV
added 2016/12/09 10:59 p.m., 1 views

ALPINE-CVE-2016-6321

Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER...

CVSS 7.5, AI score 7.2, EPSS 0.14261
Exploits: 3, References: 1
Snyk
added 2016/12/09 10:59 p.m., 2 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal. Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related...

CVSS 7.5, AI score 7.2, EPSS 0.14261
Exploits: 3, References: 2
OSV
added 2016/10/28 12:0 a.m., 1 views

UBUNTU-CVE-2016-6321

Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER...

CVSS 7.5, AI score 7.3, EPSS 0.14261
Exploits: 3, References: 4