CVE-2026-46597 affecting package docker-compose for versions less than 2.27.0-11

CVE-2026-46597 affecting package docker-compose for versions less than 2.27.0-11. A patched version of the package is available...

CVE-2025-40948

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.1, RUGGEDCOM ROX MX5000RE All versions V2.17.1, RUGGEDCOM ROX RX1400 All versions V2.17.1, RUGGEDCOM ROX RX1500 All versions V2.17.1, RUGGEDCOM ROX RX1501 All versions V2.17.1, RUGGEDCOM ROX RX1510 All versions V2.17.1...

WordPress Perfmatters plugin <= 2.5.9.1 - Authenticated (Subscriber+) Arbitrary File Deletion via 'delete' Parameter vulnerability

Authenticated Subscriber+ Arbitrary File Deletion via 'delete' Parameter vulnerability discovered by hoshino in WordPress Plugin Perfmatters versions = 2.5.9.1...

CVE-2025-47911 affecting package containerd2 for versions less than 2.0.0-18

CVE-2025-47911 affecting package containerd2 for versions less than 2.0.0-18. A patched version of the package is available...

CVE-2025-11065 affecting package gh for versions less than 2.62.0-13

CVE-2025-11065 affecting package gh for versions less than 2.62.0-13. A patched version of the package is available...

CVE-2026-24747 affecting package pytorch for versions less than 2.0.0-13

CVE-2026-24747 affecting package pytorch for versions less than 2.0.0-13. A patched version of the package is available...

CVE-2024-56835

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.0, RUGGEDCOM ROX MX5000RE All versions V2.17.0, RUGGEDCOM ROX RX1400 All versions V2.17.0, RUGGEDCOM ROX RX1500 All versions V2.17.0, RUGGEDCOM ROX RX1501 All versions V2.17.0, RUGGEDCOM ROX RX1510 All versions V2.17.0...

PT-2025-45246

Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous: from n/a through 2.0.9...

WordPress LinkedIn Resume plugin <= 2.00 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin LinkedIn Resume versions = 2.00...

CVE-2025-2596

Session logout could be overwritten in Checkmk GmbH's Checkmk versions 2.3.0p30, 2.2.0p41, and 2.1.0p49 EOL...

CVE-2025-1181 affecting package binutils for versions less than 2.37-12

CVE-2025-1181 affecting package binutils for versions less than 2.37-12. A patched version of the package is available...

WordPress Goodlayers Core plugin < 2.0.10 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Goodlayers Core versions 2.0.10...

AZL-54286 CVE-2024-45337 affecting package moby-compose for versions less than 2.17.3-9

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

CVE-2024-41907

A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V2.0. The affected application is missing general HTTP security headers in the web server. This could allow an attacker to make the servers more prone to clickjacking attack...

AZL-42637 CVE-2024-35255 affecting package keda for versions less than 2.14.1-1

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability...

AZL-31215 CVE-2023-25663 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when ctx-stepcontainter is a null ptr, the Lookup function will be executed with a null pointer. A fix is included in TensorFlow 2.12.0 and 2.11.1...

AZL-7288 CVE-2021-20718 affecting package mod_auth_openidc for versions less than 2.4.14.2-1

modauthopenidc 2.4.0 to 2.4.7 allows a remote attacker to cause a denial-of-service DoS condition via unspecified vectors...

CVE-2021-22128

An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below versions may allow an authenticated, remote attacker to access internal service such as the ZebOS Shell on the FortiProxy appliance through the Quick Connection functionality...