13 matches found
CVE-2026-43862
In mutt before 2.3.2, the imapauthgss security level is mishandled...
Linux Distros Unpatched Vulnerability : CVE-2026-43864
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mutt before 2.3.2 has a showsigsummary NULL pointer dereference. CVE-2026-43864 Note that Nessus relies on the presence of the package as reported by the vendor...
Orejime 跨站脚本漏洞
Orejime is an open source user consent management tool from Boscop. A cross-site scripting vulnerability exists in Orejime versions prior to 2.3.2, which stems from embedded javascript code in the data attribute and could lead to the execution of malicious code...
GO-2025-3857 OpenBao Root Namespace Operator May Elevate Token Privileges in github.com/openbao/openbao
OpenBao Root Namespace Operator May Elevate Token Privileges in github.com/openbao/openbao. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability...
PYSEC-2023-3
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.This issue affects Apache Airflow Drill Provider: before 2.3.2...
PT-2023-7467 · Apache · Apache Airflow Drill Provider
Name of the Vulnerable Software and Affected Versions: Apache Airflow Drill Provider versions prior to 2.3.2 Description: The issue is related to improper input validation in the Apache Airflow Drill Provider. This can allow a remote attacker to impact the confidentiality of protected information...
joplin 跨站请求伪造漏洞
Joplin is an open source notes and to-do list application. A security vulnerability exists in versions of joplin prior to 2.3.2 that stems from the application's lack of various forms of CSRF checking, leaving it vulnerable to cross-site request forgery attacks...
WordPress 插件跨站脚本漏洞
WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in WordPress Elementor Addons-PowerPack Addons for Elementor plugin versions prior to 2.3.2. An attacker can exploit this vulnerability to launch a cross-site scripting attack...
Magento Information Disclosure Vulnerability (CNVD-2019-26228)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions . An information disclosure vulnerability exists in Magento version 2.1 before 2.1.18, version 2.2 before 2.2.9, a...
Magento cross-site scripting vulnerability (CNVD-2019-26246)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engine and payment gateway and other functions. A cross-site scripting vulnerability exists in Magento version 2.1.18 before version 2.1, 2.2.9 before version 2.2...
Magento Input Validation Error Vulnerability (CNVD-2019-39390)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. A security vulnerability exists in Magento version 2.1 before 2.1.18, version 2.2 before 2.2.9, and version 2.3...
Magento Input Validation Error Vulnerability (CNVD-2019-39385)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions . A security vulnerability exists in Magento version 2.1 before 2.1.18, version 2.2 before 2.2.9, and version 2.3...
Magento Code Execution Vulnerability (CNVD-2019-39396)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions . A security vulnerability exists in Magento version 2.1 before 2.1.18, version 2.2 before 2.2.9, and version 2.3...