ai.catboost:catboost-spark_3.2_2.12 (>=1.0.6 <=1.2.10), ai.catboost:catboost-spark_3.2_2.13 (>=1.0.6 <=1.2.10) +5201 more potentially affected by CVE-2026-24308 via org.apache.zookeeper:zookeeper (>=3.5.2-alpha <=3.8.5)

org.apache.zookeeper:zookeeper MAVEN version =3.5.2-alpha, =1.0.6, =1.0.6, =1.1, =1.1.1, =1.2, =1.2, =1.2.3, =1.2.3, =0.0.25, =0.0.25, =0.0.25, =0.0.86, =0.20.0, =0.21.0 and more Source cves: CVE-2026-24308 Source advisory: SNYK:JAVA-ORGAPACHEZOOKEEPER-15443353...

CVE-2026-23512

SumatraPDF has a Untrusted Search Path vulnerability in version 3.5.2 and earlier when the Advanced Options setting is triggered. The code path executes notepad.exe without an absolute path, allowing a malicious notepad.exe placed in the installation directory to run arbitrary code with local acc...

sumatrapdf 代码问题漏洞

sumatrapdf is sumatrapdfreader open source a PDF reader. sumatrapdf 3.5.2 and previous versions of the code problematic vulnerability , the vulnerability stems from the execution of notepad.exe does not specify the absolute path , which may lead to arbitrary code execution...

CVE-2025-58680

Missing Authorization vulnerability in gutentor Gutentor gutentor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutentor: from n/a through = 3.5.2...

Linux Distros Unpatched Vulnerability : CVE-2018-14631

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - moodle before versions 3.5.2, 3.4.5, 3.3.8 is vulnerable to a boost theme - blog search GET parameter insufficiently filtered. The breadcrumb navigation provide...

CVE-2024-31248

Missing Authorization vulnerability in Team Plugins360 All-in-One Video Gallery.This issue affects All-in-One Video Gallery: from n/a through 3.5.2...

org.jeecgframework.boot:jeecg-boot-starter-cloud (>=3.4.0 <=3.5.2), org.jeecgframework.boot:jeecg-boot-starter-lock (>=3.4.0 <=3.5.2) +1 more potentially affected by CVE-2023-38992 via org.jeecgframework.boot:jeecg-boot-common (>=3.4.0 <=3.5.2)

org.jeecgframework.boot:jeecg-boot-common MAVEN version =3.4.0, =3.4.0, =3.4.0, =3.4.0, =3.5.2 Source cves: CVE-2023-38992 Source advisory: OSV:GHSA-WP6C-29R3-JQW9...

WordPress plugin Advanced Shipment Tracking for WooCommerce 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

Solar-Log GmbH 跨站请求伪造漏洞

Solar-Log GmbH is a data logger for monitoring photovoltaic PV power plants from the German company Solar-Log. A cross-site request forgery vulnerability exists in Solar-Log GmbH versions 2.8.4-56 and 3.5.2-85, which stems from the component's lack of data filtering and escaping...

Solar-Log GmbH 安全漏洞

Solar-Log GmbH is a data logger for monitoring photovoltaic power plants from the German company Solar-Log. A security vulnerability exists in Solar-Log GmbH versions 2.8.4-56 and 3.5.2-85, which can be exploited by attackers to obtain sensitive information...

Mellow Fish YetiShare Cross-Site Request Forgery Vulnerability

Mellow Fish YetiShare is a PHP-based file hosting web system script from Mellow Fish UK. A security vulnerability exists in Mellow Fish YetiShare versions 3.5.2 through 4.5.3, which stems from the program not setting the SameSite flag on session cookies. An attacker can exploit this vulnerability...

MFScripts YetiShare Cross-Site Scripting Vulnerability

Mellow Fish YetiShare is a PHP-based file hosting web system script from Mellow Fish UK. A cross-site scripting vulnerability exists in the getallfileserverpaths.ajax.php file in Mellow Fish YetiShare versions 3.5.2 through 4.5.3. The vulnerability stems from a lack of proper validation of...

Unspecified Vulnerability in Mellow Fish YetiShare (CNVD-2020-00226)

Mellow Fish YetiShare is a PHP-based file hosting web system script from Mellow Fish UK. A security vulnerability exists in the class.userpeer.php file in Mellow Fish YetiShare versions 3.5.2 through 4.5.3, which stems from the program using an insecure method to create a password reset hash. An...

MFScripts YetiShare SQL Injection Vulnerability

Mellow Fish YetiShare is a PHP-based file hosting web system script from Mellow Fish UK. A SQL injection vulnerability exists in the translationmanagetext.ajax.php and multiple manage.ajax.php files in Mellow Fish YetiShare versions 3.5.2 through 4.5.3. The vulnerability stems from a lack of...

Mellow Fish YetiShare Cross-Site Scripting Vulnerability

Mellow Fish YetiShare is a PHP-based file hosting web system script from Mellow Fish UK. A security vulnerability exists in Mellow Fish YetiShare versions 3.5.2 through 4.5.3, which stems from the program not setting the HttpOnly flag on session cookies. An attacker can exploit the vulnerability ...