22 matches found
GHSA-4255-C27H-62M5 unity-cli Exposes Plaintext Credentials in Debug Logs (sign-package command)
The sign-package command in @rage-against-the-pixel/unity-cli logs sensitive credentials in plaintext when the --verbose flag is used. Command-line arguments including --email and --password are output via JSON.stringify without sanitization, exposing secrets to shell history, CI/CD logs, and log...
Linux Distros Unpatched Vulnerability : CVE-2026-25918
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - unity-cli is a command line utility for the Unity Game Engine. Prior to 1.8.2, the sign-package command in @rage-against-the-pixel/unity-cli logs sensitive...
unity-cli Log Information Disclosure Vulnerability
unity-cli is a command-line utility for the Unity game engine, open-sourced by RageAgainstThePixel. Versions of unity-cli prior to 1.8.2 had a vulnerability related to log information leakage. This vulnerability stemmed from the sign-package command, which recorded sensitive credentials in plain...
Axios Code Issue Vulnerability
Axios is an open-source, Promise-based HTTP client; Promise is a solution for asynchronous programming. A code issue vulnerability exists in Axios versions prior to 1.8.2: passing absolute URLs could lead to SSRF and credential disclosure...
PYSEC-2023-274
Label Studio is a multi-type data labeling and annotation tool with standardized output format. There is a vulnerability that can be chained within the ORM Leak vulnerability to impersonate any account on Label Studio. An attacker could exploit these vulnerabilities to escalate their privileges...
Copyparty Path Traversal Vulnerability
Copyparty is a portable file server for individual developers. A path traversal vulnerability exists in Copyparty versions prior to 1.8.2, which stems from a path traversal vulnerability in the ".cpr" subfolder...
WordPress Plugin Campaign URL Builder Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
SUSE CVE-2008-4776
libgadu before 1.8.2 allows remote servers to cause a denial of service (crash) via a contact description with a large length, which triggers a buffer over-read...
Nextcloud Security Vulnerability
Nextcloud is an open source, self-hosted file synchronization, sharing and communication platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Deck versions prior to 1.6.5, 1.7.x versions prior to 1.7.3, and 1.8.x versions prior to 1.8.2, which stems fr...
WordPress plugin Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. WordPress plugin is an application plugin for WordPress. Cross-site scripting vulnerabilities exist in versions of the WordPress Patreon plugin prior to 1.8.2, which stem from the plugin's failu...
Nextcloud Access Control Error Vulnerability
Nextcloud is an open source, self-hosted file synchronization, sharing and communication platform from Nextcloud, Germany. An access control error vulnerability exists in Nextcloud Mail versions prior to 1.4.3, and prior to 1.8.2, which can be exploited by an authenticated attacke...
WordPress plugin WP Maintenance Mode & Site Under Construction Security Vulnerability
WordPress is the WordPress Foundation's blogging platform, developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. WordPress Plugin is a WordPress open source application plugin. WP Maintenance Mode & Site Under Construction An...
Pricing Table by Supsystic Cross-Site Request Forgery Vulnerability
WordPress plugin Pricing Table by Supsystic is used to create pricing tables easily. A cross-site request forgery vulnerability exists in Pricing Table by Supsystic versions prior to 1.8.2. No details of the vulnerability are provided at this time...
EdgeMAX EdgeSwitch Denial of Service Vulnerability
Ubiquiti Networks EdgeMAX EdgeSwitch is a PoE+ Gigabit switch from Ubiquiti Networks, Inc. A security vulnerability exists in Ubiquiti Networks EdgeMAX EdgeSwitch versions prior to 1.8.2. The vulnerability can be exploited by an attacker with specially crafted commands to cause the SSH CLI...
EdgeMAX EdgeSwitch Command Injection Vulnerability
Ubiquiti Networks EdgeMAX EdgeSwitch is a PoE+ Gigabit switch from Ubiquiti Networks, Inc. A command injection vulnerability exists in Ubiquiti Networks EdgeMAX EdgeSwitch versions prior to 1.8.2. The vulnerability stems from a network system or product not properly filtering specific elements of...
CVE-2019-5446
Command Injection in EdgeMAX EdgeSwitch prior to 1.8.2 allows an Admin user to execute commands as root...
PT-2019-17675 · Edgemax · Edgeswitch
Name of the Vulnerable Software and Affected Versions: EdgeMAX EdgeSwitch versions prior to 1.8.2 Description: The issue allows an Admin user to execute commands as root, which could lead to unauthorized access and control of the system. Recommendations: For versions prior to 1.8.2, update to...
DEBIAN-CVE-2012-4297
Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in Wireshark 1.6.x before 1.6.10 and 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a malformed packet...
CVE-2012-4294
Buffer overflow in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a large speed (aka rate) value...