CVE-2026-39716

Missing Authorization vulnerability in CKThemes Flipmart flipmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flipmart: from n/a through = 2.8...

WordPress plugin Upload Files Anywhere 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

WordPress Upload Files Anywhere plugin <= 2.8 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Upload Files Anywhere versions = 2.8...

WordPress Mail Baby SMTP plugin <= 2.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Mail Baby SMTP versions = 2.8...

CVE-2020-11841

Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting unauthorized information disclosure...

WordPress plugin wp custom countdown 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting...

PT-2024-19166 · Rancher · Rancher Rke1

Name of the Vulnerable Software and Affected Versions: Rancher RKE1 versions 2.7.0 through 2.7.13 Rancher RKE1 versions 2.8.0 through 2.8.4 Description: A vulnerability has been identified in which an RKE1 cluster keeps constantly reconciling when secrets encryption configuration is enabled. When...

PT-2024-3951 · Myoffice · Myoffice Sdk

Name of the Vulnerable Software and Affected Versions: New Cloud MyOffice SDK Collaborative Editing Server versions 2.2.2 through 2.8 Description: The issue is related to the implementation of the WOPI protocol in the MyOffice SDK, which lacks sufficient checking of incoming requests. This allows...

SUSE CVE-2016-3734

Cross-site request forgery CSRF vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that marks forum posts as read...

SUSE CVE-2017-9765

Integer overflow in the soapget function in Genivia gSOAP 2.7.x and 2.8.x before 2.8.48, as used on Axis cameras and other devices, allows remote attackers to execute arbitrary code or cause a denial of service stack-based buffer overflow and application crash via a large XML document, aka Devil'...

Jenkins RQM Plugin 代码问题漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A code issue vulnerabilit...

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-35994 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-35994 Source advisory: OSV:GHSA-FHFC-2Q7X-929F...

DEBIAN-CVE-2020-1740

A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and t...

DEBIAN-CVE-2020-1736

A flaw was found in Ansible Engine when a file is moved using atomicmove primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions...

UBUNTU-CVE-2020-1736

A flaw was found in Ansible Engine when a file is moved using atomicmove primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions...

PYSEC-2020-10

A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previous task is executed with a malicious user, the module sent can be selected by the attacker using the ansible facts file. All versions in 2.7.x, 2.8.x and 2.9.x branch...

PT-2020-3040

Name of the Vulnerable Software and Affected Versions Ansible versions 2.7.x through 2.7.14 Ansible versions 2.8.x through 2.8.6 Ansible versions 2.9.x through 2.9.0 Description The issue is related to the absence of consideration for the no log flag in Ansible's system management configuration...

DEBIAN-CVE-2019-18887

An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel...

ai.foremast.metrics:foremast-spring-boot-15x-starter (>=0.1.8 <=0.1.12), ai.snips:play-mongo-bson_2.12 (>=0.5 <=0.5.1) +5714 more potentially affected by CVE-2018-14718 via com.fasterxml.jackson.core:jackson-databind (>=2.8.0 <=2.8.11.2)

com.fasterxml.jackson.core:jackson-databind MAVEN version =2.8.0, =0.1.8, =0.5, =2.3.0, =1.5.6, =4.2.1, =4.4.1, =1.0.0.RELEASE, =0.4, =0.4, =0.4, =0.4, =0.4, =0.4, =0.4, =0.4, =0.9 and more Source cves: CVE-2018-14718 Source advisory: OSV:GHSA-645P-88QH-W398...

PT-2018-6840 · Symfony +1 · Symfony +1

Name of the Vulnerable Software and Affected Versions: Symfony versions 2.7.x through 2.7.32 Symfony versions 2.8.x through 2.8.25 Symfony versions 3.x through 3.2.12 Symfony versions 3.3.x through 3.3.5 Description: The issue concerns a problem with the debug handler in Symfony, where there is a...