45 matches found
VMware Spring Cloud Function security vulnerabilities
VMware Spring Cloud Function is a Java functional application development framework provided by the American company VMware. There is a security vulnerability in VMware Spring Cloud Function, which stems from attempting to add an unlimited number of functions to the function registry, potentially...
Astra Linux - vulnerability in wireshark
Improper URL handling in Wireshark versions 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 may allow for remote code execution through packet injection or crafted capture files...
Astra Linux - vulnerability in python-django
The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS...
CVE-2026-39324 vulnerabilities
Vulnerabilities for packages: ruby3.4-rails, logstash, ruby3.2-rails, pact-broker-docker, ruby3.3-rails, ruby4.0-rails, pact-broker-docker-fips...
PT-2026-29856
Name of the Vulnerable Software and Affected Versions: Rack versions 3.0.0.beta1 through 3.1.21 and versions 3.2.0 through 3.2.6 Description: Rack’s Rack::Multipart::Parser#handle_mime_head function parses quoted multipart parameters using repeated String#index searches and String#slice! operations...
WordPress plugin Kids Heaven: Code-related vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-django (UTSA-2026-000172)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000172 advisory. An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential...
ai.catboost:catboost-spark_3.2_2.13 (>=1.0.6 <=1.2.10), ai.catboost:catboost-spark_3.3_2.13 (>=1.1.1 <=1.2.10) +314 more potentially affected by CVE-2025-55039 via org.apache.spark:spark-network-common_2.13 (>=3.2.0 <=3.4.3)
org.apache.spark:spark-network-common_2.13 MAVEN version =3.2.0, =1.0.6, =1.1.1, =1.2, =0.0.25, =0.0.25, =0.0.25, =0.0.86, =0.0.14, =0.20, =1.1.3, =1.4.0, =1.5.0, =1.5.0, =1.8.0 and more Source cves: CVE-2025-55039 Source advisory: SNYK:JAVA-ORGAPACHESPARK-13553869...
Linux Distros Unpatched Vulnerability : CVE-2020-11013
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is an information disclosure vulnerability in Helm from version 3.1.0 and before version 3.2.0. lookup is a Helm template function introduced in Helm v3. ...
Linux Distros Unpatched Vulnerability : CVE-2018-13300
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c ma...
Linux Distros Unpatched Vulnerability : CVE-2023-46998
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert,...
Linux Distros Unpatched Vulnerability : CVE-2023-45199
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution. CVE-2023-45199 Note that Nessus relies on the presence of...
BlackBerry CylanceOPTICS Security Vulnerability
BlackBerry CylanceOPTICS is a cloud-enabled Endpoint Detection and Response (EDR) solution from BlackBerry Canada. A security vulnerability exists in BlackBerry CylanceOPTICS versions 3.2 and 3.3, which stems from a tampering vulnerability in the installer package that allows an attacker to uninsta...
PT-2024-26381 · Cylance · Cylanceoptics
Name of the Vulnerable Software and Affected Versions: CylanceOPTICS for Windows versions 3.2 and 3.3 Description: A tampering vulnerability in the CylanceOPTICS Windows Installer Package could allow an attacker to potentially uninstall CylanceOPTICS from a system, thereby leaving it with only th...
GHSA-XXJ9-F6RV-M3X4 Django denial-of-service attack in the intcomma template filter
An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings...
GHSA-M4CH-4M5F-2GP6 Bootbox.js Cross Site Scripting vulnerability
Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert, confirm, prompt functions...
PT-2023-30287 · Unknown +1 · Bootbox.Js +1
Name of the Vulnerable Software and Affected Versions: BootBox Bootbox.js versions 3.2 through 6.0 Description: A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via a crafted payload to alert, confirm, and prompt functions. Recommendations: For BootBox Bootbox.js...
BootBox Bootbox.js Security Vulnerability
BootBox Bootbox.js is an alert, confirmation, and prompt dialog box for the Bootstrap framework from BootBox, Inc. A security vulnerability in BootBox Bootbox.js versions v.3.2 through v.6.0 stems from the presence of a cross-site scripting vulnerability that could allow a remote attacker to...
SUSE CVE-2023-45199
Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution...
Mbed TLS Security Vulnerability
Mbed TLS is an open source, portable, easy-to-use, readable and flexible SSL library. A security vulnerability exists in Mbed TLS versions 3.2.x through 3.5 and earlier, which stems from a buffer overflow issue. An attacker can exploit this vulnerability to remotely execute code...