@11ty/eleventy (=3.0.0-alpha.16), @agiflowai/aicode-toolkit (>=0.6.0 <=1.0.24) +59 more potentially affected by CVE-2026-33287 via liquidjs (>=10.10.0 <=10.24.0)

liquidjs NPM version =10.10.0, =0.6.0, =0.1.0, =0.0.0, =1.0.1-beta.0, =1.6.3, =3.11.0, =3.11.0, =3.11.0, =1.1.0, =15.0.0, =34.0.0 - @fahami/directus-pkce =1.0.0 and more Source cves: CVE-2026-33287 Source advisory: OSV:GHSA-6Q5M-63H6-5X4V...

Astra Linux - уязвимость в mariadb

MariaDB Server 10.10 through 10.11. and 11.0 through 11.4. crashes in JOIN::fixallsplittingsinplan...

CVE-2025-58073

Mattermost versions 10.11.x = 10.11.1, 10.10.x = 10.10.2, 10.5.x = 10.5.10 fail to verify a user has permission to join a Mattermost team using the original invite token which allows any attacked to join any team on a Mattermost server regardless of restrictions via manipulating the OAuth state...

EUVD-2025-34742

Mattermost has a Missing Authorization vulnerability...

Mattermost Server 10.10.x < 10.10.2 / 10.11.0 Missing Authorization (MMSA-2025-00513)

The version of Mattermost Server installed on the remote host is affected by a vulnerability as referenced in the MMSA-2025-00513 advisory. - Mattermost versions 10.10.x = 10.10.1 fail to properly sanitize user data during shared channel membership synchronization, which allows malicious or...

Mattermost Missing Authorization vulnerability

Mattermost versions 10.10.x = 10.10.1 fail to properly sanitize user data during shared channel membership synchronization, which allows malicious or compromised remote clusters to access sensitive user information via unsanitized user objects. This vulnerability affects Mattermost Server instanc...

CVE-2025-9076 Mattermost Server exposes sensitive user credentials during shared channel membership synchronization

Mattermost versions 10.10.x = 10.10.1 fail to properly sanitize user data during shared channel membership synchronization, which allows malicious or compromised remote clusters to access sensitive user information via unsanitized user objects. This vulnerability affects Mattermost Server instanc...

SUSE CVE-2023-52971

MariaDB Server 10.10 through 10.11. and 11.0 through 11.4. crashes in JOIN::fixallsplittingsinplan...

Linux Distros Unpatched Vulnerability : CVE-2023-52971

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MariaDB Server 10.10 through 10.11. and 11.0 through 11.4. crashes in JOIN::fixallsplittingsinplan. CVE-2023-52971 Note that Nessus relies on the presence of th...

PT-2025-6452 · WordPress · Wp Booking Calendar

Name of the Vulnerable Software and Affected Versions: WP Booking Calendar plugin for WordPress versions up to, and including, 10.10 Description: The issue allows unauthenticated attackers to manipulate their confirmed bookings, even after they have been approved, due to the plugin not properly...

CVE-2022-23691

A vulnerability exists in certain AOS-CX switch models which could allow an attacker with access to the recovery console to bypass normal authentication. A successful exploit allows an attacker to bypass system authentication and achieve total switch compromise in ArubaOS-CX Switches versions:...

CVE-2016-4397

A local code execution security vulnerability was identified in HP Network Node Manager i NNMi v10.00, v10.10 and v10.20 Software...

CVE-2017-14352

A potential security vulnerability has been identified in HP UCMDB Configuration Manager versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.23. These vulnerabilities could be remotely exploited to allow cross-site scripting...