32 matches found
CVE-2026-0716 affecting package libsoup for versions less than 3.0.4-12
CVE-2026-0716 affecting package libsoup for versions less than 3.0.4-12. A patched version of the package is available...
CVE-2025-69388
Missing Authorization vulnerability in cliengo Cliengo – Chatbot cliengo allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cliengo – Chatbot: from n/a through <= 3.0.4...
WordPress plugin Cliengo security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
UBUNTU-CVE-2026-24122
Cosign provides code signing and transparency for containers and binaries. In versions 3.0.4 and below, an issuing certificate with a validity that expires before the leaf certificate will be considered valid during verification even if the provided timestamp would mean the issuing certificate...
CVE-2026-23545
Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Aruba HiSpeed Cache: from n/a through <= 3.0.4...
CVE-2026-0944
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Group invite allows Forceful Browsing. This issue affects Group invite: from 0.0.0 before 2.3.9, from 3.0.0 before 3.0.4, from 4.0.0 before 4.0.4...
CVE-2025-62872 WordPress Social Photo Fetcher plugin <= 3.0.4 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in JK Social Photo Fetcher facebook-photo-fetcher allows Cross Site Request Forgery. This issue affects Social Photo Fetcher: from n/a through <= 3.0.4...
CVE-2023-53154 affecting package apparmor for versions less than 3.0.4-5
CVE-2023-53154 affecting package apparmor for versions less than 3.0.4-5. A patched version of the package is available...
AZL-61945 CVE-2025-4969 affecting package libsoup for versions less than 3.0.4-9
A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially crafted multipart HTTP body, causing the libsoup-consuming server to read beyond its allocated...
AZL-59539 CVE-2025-32049 affecting package libsoup for versions less than 3.0.4-12
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS)...
AZL-61774 CVE-2025-30472 affecting package corosync 3.0.4-4
Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet...
CVE-2025-21131
Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2025-21130
Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
PT-2025-1279 · Adobe · Substance3D - Stager
Name of the Vulnerable Software and Affected Versions: Substance3D - Stager versions 3.0.4 and earlier Description: The issue is related to a stack-based buffer overflow that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user...
iTop path traversal vulnerability
iTop is a platform that provides all the resources needed to optimize iTop. A security vulnerability exists in iTop versions 3.0.4 and 3.1.1 that stems from a flaw in the dashboard editor. An attacker exploiting this vulnerability could load multiple files and URLs, as well as expose the full pat...
iTop cross-site scripting vulnerability
iTop is a platform that provides all the resources needed to optimize iTop. A security vulnerability exists in iTop versions 2.7.10, 3.0.4, and 3.1.1, which stems from a Dashlet-edited ajax endpoint that can be used to generate cross-site scripting...
CVE-2024-25293
mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution (RCE) via the href attribute...
PT-2023-31076 · Unknown · Commentluv
Name of the Vulnerable Software and Affected Versions: CommentLuv versions 3.0.4 and earlier Description: A Server-Side Request Forgery (SSRF) issue has been identified. This allows an attacker to trick the server into making unintended requests, potentially leading to unauthorized access to...
Cross site scripting
iTop is an open source, web-based IT service management platform. Prior to versions 3.0.4 and 3.1.0, on pages/UI.php, cross site scripting is possible. This issue is fixed in versions 3.0.4 and 3.1.0...
CVE-2023-34447 iTop XSS vulnerability on pages/UI.php
iTop is an open source, web-based IT service management platform. Prior to versions 3.0.4 and 3.1.0, on pages/UI.php, cross site scripting is possible. This issue is fixed in versions 3.0.4 and 3.1.0...