8 matches found
CVE-2026-44072
Netatalk 2.2.1 through 4.4.2 calls system after a failed chdir without properly handling the error condition, which allows a local privileged user to execute unintended commands or cause a minor service disruption under specific conditions...
WordPress Radius Blocks plugin <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via subHeadingTagName Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via subHeadingTagName Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Radius Blocks versions = 2.2.1...
go-api-starter (>=0.0.0 <=1.3.0), redux-starter (>=0.0.0 <=1.1.0) potentially affected by unknown CVE via kik-starter (>=0.0.1 <=2.2.1)
kik-starter NPM version =0.0.1, =0.0.0, =0.0.0, =1.1.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-24454...
CVE-2025-49047
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in keeross DigitalOcean Spaces Sync do-spaces-sync allows Stored XSS.This issue affects DigitalOcean Spaces Sync: from n/a through = 2.2.1...
PT-2024-25413 · Real Big Plugins · Real Big Plugins Client Dash
Name of the Vulnerable Software and Affected Versions: Real Big Plugins Client Dash versions 2.2.1 and earlier Description: The issue is related to a Missing Authorization vulnerability in Real Big Plugins Client Dash. Recommendations: For versions 2.2.1 and earlier, update to a version later tha...
GHSA-F9XV-Q969-PQX4 Uncaught Exception in yaml
Uncaught Exception in GitHub repository eemeli/yaml starting at version 2.0.0-5 and prior to 2.2.2...
-tompan-reacttemplate (>=1.0.1 <=1.1.0), 02-infrastructure (=1.0.0) +53822 more potentially affected by CVE-2021-23337 via lodash.template (>=2.2.1 <=4.5.0)
lodash.template NPM version =2.2.1, =1.0.1, =0.0.2, =0.0.10 - 0x0.icu.anima =0.1.0 - 0xgank-tea-advice-pull =1.0.0 - 0xgank-tea-balance-pencil =1.0.0 - 0xgank-tea-brick-bell =1.0.0 - 0xgank-tea-cake-victory =1.0.0 - 0xgank-tea-central-compound =1.0.0 - 0xgank-tea-characteristic =1.0.0 -...
au.com.intelix:rs-core-js_2.11 (=0.1.3.1), au.com.mountain-pass:hyperstate (>=1 <=9) +505 more potentially affected by CVE-2018-20677 via org.webjars:bootstrap (>=2.2.1 <=3.3.7)
org.webjars:bootstrap MAVEN version =2.2.1, =1, =1, =20.3.0, =24.2.0, =20.3.0, =2.23.5, =2.23.5, =23.1.0, =2.23.0, =2.23.5, =2.23.5, =2.23.5, =20.2.0 - ca.denisab85:telegram-restapi =0.0.1 and more Source cves: CVE-2018-20677 Source advisory: OSV:GHSA-PH58-4VRJ-W6HR...