CVE-2022-31541

The lyubolp/Barry-Voice-Assistant repository through 2021-01-18 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2025-52741

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Barry Kooij Post Connector post-connector allows Reflected XSS.This issue affects Post Connector: from n/a through = 1.0.11...

EUVD-2025-35490

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Barry Kooij Post Connector post-connector allows Reflected XSS.This issue affects Post Connector: from n/a through = 1.0.11...

CVE-2025-52741

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Barry Kooij Post Connector post-connector allows Reflected XSS.This issue affects Post Connector: from n/a through = 1.0.11...

PT-2025-43232

Name of the Vulnerable Software and Affected Versions Barry Kooij Post Connector versions through 1.0.11 Description The software contains a flaw due to improper input neutralization during web page generation, leading to a Reflected Cross-Site Scripting XSS condition. This allows an attacker to...

EUVD-2006-5399

Malware in sbrugna...

EUVD-2025-30756

Malicious code in bioql PyPI...

CVE-2025-53452

Missing Authorization vulnerability in Barry Event Rocket allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Event Rocket: from n/a through 3.3...

CVE-2025-53452

Missing Authorization vulnerability in Barry Event Rocket allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Event Rocket: from n/a through 3.3...

PT-2025-38989

Name of the Vulnerable Software and Affected Versions Barry Event Rocket versions through 3.3 Description An authorization issue exists in Barry Event Rocket, allowing exploitation due to incorrectly configured access control security levels. Recommendations At the moment, there is no information...

barry-callebaut.com Cross Site Scripting vulnerability OBB-3197128

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

related-posts-for-wp 跨站脚本漏洞

related-posts-for-wp is a library by Barry Kooij, a personal developer. It is used to interlink WordPress related posts with a single click. A cross-site scripting vulnerability exists in related-posts-for-wp versions prior to 2.1.3. An attacker can exploit this vulnerability to conduct cross-sit...

Barry-Voice-Assistant path traversal vulnerability

Barry-Voice-Assistant is a voice assistant from the Bulgarian personal developer Lyuboslav Karev. Barry-Voice-Assistant 2021-01-18 and earlier versions have a path traversal vulnerability, which stems from the failure of Flask's sendfile function to properly filter special elements in resource or...

CVE-2022-31541

The lyubolp/Barry-Voice-Assistant repository through 2021-01-18 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31541

The lyubolp/Barry-Voice-Assistant repository through 2021-01-18 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31541

The CVE-2022-31541 entry concerns the Barry-Voice-Assistant project (GitHub) where absolute path traversal is possible due to unsafe use of Flask’s send_file. The Red Hat, CNVD, CNVD-like entries align with this description, identifying the issue as a path traversal vulnerability in Barry-Voice-A...

Barry-Voice-Assistant 路径遍历漏洞

Barry-Voice-Assistant is a voice assistant from the Bulgarian personal developer Lyuboslav Karev. Barry-Voice-Assistant 2021-01-18 and earlier versions have a path traversal vulnerability, which stems from the failure of Flask's sendfile function to properly filter special elements in resource or...

web.barry-callebaut.com Cross Site Scripting vulnerability OBB-1297867

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

WordPress Appointments plugin <=2.2.1 - Unauthenticated PHP Object Injection vulnerability

Unauthenticated PHP Object Injection vulnerability found by Matt Barry WordFence in WordPress Appointments plugin versions =2.2.1. Solution Update the WordPress Appointments plugin to the latest available version at least 2.2.2...

WordPress Flickr Gallery plugin <=1.5.2 - Unauthenticated PHP Object Injection vulnerability

Unauthenticated PHP Object Injection vulnerability found by Matt Barry WordFence in WordPress Appointments plugin versions =1.5.2. Solution Update the WordPress Flickr Gallery plugin to the latest available version at least 1.5.3...