14 matches found
CVE-2026-33979
Express XSS Sanitizer is Express 4.x and 5.x middleware which sanitizes user input data in req.body, req.query, req.headers and req.params to prevent Cross Site Scripting (XSS) attacks. A vulnerability has been identified in versions prior to 2.0.2 where restrictive sanitization configurations are...
CVE-2026-32489
Missing Authorization vulnerability in bPlugins B Blocks b-blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects B Blocks: from n/a through 2.0.30...
PT-2026-25216
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme Medilink-Core medilink-core allows PHP Local File Inclusion. This issue affects Medilink-Core: from n/a through 2.0.7...
CVE-2023-4829
Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxlor prior to 2.0.22...
PT-2025-52575
Name of the Vulnerable Software and Affected Versions: Live Composer – Free WordPress Website Builder plugin versions prior to 2.0.3. Description: The Live Composer – Free WordPress Website Builder plugin for WordPress is susceptible to PHP Object Injection due to deserialization of untrusted input...
EUVD-2025-38141
Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Miraculous: from n/a through 2.0.9...
Dragonfly security vulnerability
Dragonfly is a framework that allows dynamic processing of any content type. A security vulnerability exists in Dragonfly prior to version 2.0.9 that stems from Dragonfly's use of hard-coded JWT to authenticate users, which could lead to authentication bypass...
CVE-2024-23734
Cross Site Request Forgery vulnerability in the upload functionality of the User Profile pages in savignano S/Notify before 2.0.1 for Bitbucket allows attackers to replace S/MIME certificates or PGP keys for arbitrary users via a crafted link...
Froxlor security vulnerability
Froxlor is a lightweight server management software from the Froxlor team. A security vulnerability exists in Froxlor versions prior to 2.0.0 that stems from the presence of a path traversal...
CVE-2022-2400
External Control of File Name or Path in GitHub repository dompdf/dompdf prior to 2.0.0...
CVE-2016-8235
Privilege escalation in Lenovo Customer Care Software Development Kit (CCSDK) versions earlier than 2.0.16.3 allows local users to execute code with elevated privileges...
CVE-2016-9869
An issue was discovered in EMC ScaleIO versions before 2.0.1.1. Incorrect permissions on the SCINI driver may allow a low-privileged local attacker to modify the configuration and render the ScaleIO Data Client (SDC) server unavailable...
PT-2008-3145 · Apple · Safari
Name of the Vulnerable Software and Affected Versions: Safari versions prior to 2.0 on Apple iPhone and iPod touch. Description: The issue misinterprets a menu button press as user confirmation for visiting a web site with a self-signed or invalid certificate. This makes it easier for remote...
security flaw
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption...