ado-vllm-performance (>=1.2.2 <=1.3.3), agentclinic (=0.1.0) +37 more potentially affected by CVE-2026-7141 via vllm (>=0.10.0 <=0.19.0)

vllm PYPI version =0.10.0, =1.2.2, =0.0.0, =2.3.5, =0.2.0, =0.1.0, =1.0.1rc1, =0.0.4, =0.1.0, =0.3.9, =0.5.2, =0.1.0, =0.1.5, =0.2.0 - gfmrag =2.0.0 and more Source cves: CVE-2026-7141 Source advisory: OSV:GHSA-X368-4G9H-FVV4...

CVE-2026-5083

Ado::Sessions versions through 0.935 for Perl generates insecure session ids. The session id is generated from a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked fr...

CVE-2026-5083 Ado::Sessions versions through 0.935 for Perl generates insecure session ids

Ado::Sessions versions through 0.935 for Perl generates insecure session ids. The session id is generated from a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked fr...

CVE-2026-5083

CVE-2026-5083 affects the Perl module Ado::Sessions up to version 0.935. The vulnerability stems from generating session IDs with a SHA-1 hash seeded by the built-in rand() function, the epoch time, and the PID. The PID comes from a small set of numbers, and the epoch time may be guessed if not l...

Ado::Sessions 安全漏洞

Ado::Sessions is a lightweight Perl-based web application development framework developed by. Versions of Ado::Sessions prior to 0.935 contained security vulnerabilities; these vulnerabilities stemmed from the generation of insecure session IDs, which could lead to session hijacking...

PT-2026-31088

Name of the Vulnerable Software and Affected Versions Ado::Sessions versions through 0.935 Description The Ado::Sessions Perl module generates insecure session IDs. The session ID is created using a SHA-1 hash seeded with the built-in rand function, the epoch time, and the process ID PID. The PID...

ado-vllm-performance (>=1.2.2 <=1.3.3), agentclinic (=0.1.0) +73 more potentially affected by CVE-2026-25048 via xgrammar (>=0.1.11 <=0.1.29)

xgrammar PYPI version =0.1.11, =1.2.2, =0.0.0, =2.3.5, =0.8.4, =0.2.2, =0.2.0, =0.1.0, =1.0.1rc1, =0.0.2, =0.1.1, =0.1.1, =0.0.2, =0.1.0 and more Source cves: CVE-2026-25048 Source advisory: OSV:GHSA-7RGV-GQHR-FXG3...

Linux Distros Unpatched Vulnerability : CVE-2025-46337

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Prior to version 5.22.9, improper escaping of a...

Linux Distros Unpatched Vulnerability : CVE-2011-3699

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - John Lim ADOdb Library for PHP 5.11 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation...

MAL-2025-9728 Malicious code in @zalastax/nolb-_ado (npm)

The package @zalastax/nolb-ado was found to contain malicious code...

DEBIAN-CVE-2025-54119

ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. In versions 5.22.9 and below, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a sqlite3 database a...

UBUNTU-CVE-2025-54119

ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. In versions 5.22.9 and below, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a sqlite3 database a...

Malicious code in ado-codespaces-auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware acd2e4a00a6fa99e47e9f10ae7238f2faaf2dd65d07678a4f33037a25ef636c2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

DEBIAN-CVE-2025-46337

ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Prior to version 5.22.9, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and...

ado-sfttrainer (>=1.0.1 <=1.8.0), aim-mlflow (>=0.1.0 <=0.2.1) +27 more potentially affected by CVE-2024-8769 via aim (>=3.17.4 <=4.0.3)

aim PYPI version =3.17.4, =1.0.1, =0.1.0, =0.1.0, =0.0.1, =4.46.1, =0.0.1, =0.0.3, =0.0.1, =1.1.5, =0.1.1, =0.22.0, =0.0.1, =0.0.1, =2.0.1, =2.0.7 and more Source cves: CVE-2024-8769 Source advisory: SNYK:PYTHON-AIM-9510955...

aana (>=0.2.1 <=0.2.2.2), acai-swarm (=0.1.0) +218 more potentially affected by CVE-2024-11041 via vllm (>=0.10.0 <=0.9.2)

vllm PYPI version =0.10.0, =0.2.1, =1.2.1, =0.0.0, =2.3.5, =0.0.7, =0.0.1b1, =0.1.15, =0.2.4, =1.0.0, =1.0.14 and more Source cves: CVE-2024-11041 Source advisory: SNYK:PYTHON-VLLM-9513025...

Azure DevOps Server 2022 XSS

The Microsoft Team Foundation Server or Azure DevOps install is missing security updates. It is, therefore, affected by a cross-site scripting vulnerability. An attacker who successfully exploited the vulnerability could access data that is available for the current user. Depending on the user's...

Security Updates for Microsoft Team Foundation Server and Azure DevOps Server (June 2023)

The Microsoft Team Foundation Server or Azure DevOps install is missing security updates. It is, therefore, affected by multiple server spoofing vulnerabilities. An attacker who successfully exploited the vulnerability could access data that is available for the current user. Depending on the...

SUSE CVE-2006-0146

The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including 1 Mantis, 2 PostNuke, 3 Moodle, 4 Cacti, 5 Xaraya, 6 PHPOpenChat, 7 MAXdev MD-Pro, and 8 MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via...

SUSE CVE-2006-0410

SQL injection vulnerability in ADOdb before 4.71, when using PostgreSQL, allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors involving binary strings...