CVE-2026-3526

Incorrect Authorization vulnerability in Drupal File Access Fix deprecated allows Forceful Browsing.This issue affects File Access Fix deprecated: from 0.0.0 before 1.2.0...

Azure Linux 3.0 Security Update: gssntlmssp (CVE-2023-25564)

The version of gssntlmssp installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-25564 advisory. - GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to...

EUVD-2025-204544

Galette is a membership management web application for non profit organizations. Starting in version 1.1.4 and prior to version 1.2.0, a user who is logged in as group manager may bypass intended restrictions on Contributions and Transactions. Version 1.2.0 fixes the issue...

07FLY-CRM 跨站脚本漏洞

07FLY-CRM is a CRM management system from China Zero Takeoff 07FLY. A cross-site scripting vulnerability exists in versions prior to 07FLY-CRM 1.2.0, which stems from unknown code in the User Profile Handler that results in cross-site scripting...

CVE-2022-1813

OS Command Injection in GitHub repository yogeshojha/rengine prior to 1.2.0...

CVE-2020-36196

A stored XSS vulnerability has been reported to affect QNAP NAS running QuLog Center. If exploited, this vulnerability allows attackers to inject malicious code. This issue affects: QNAP Systems Inc. QuLog Center versions prior to 1.2.0...

Mattermost Server Resource Management Error Vulnerability (CNVD-2020-35451)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A security vulnerability exists in Mattermost Server versions prior to 1.2.0. An attacker can exploit this vulnerability to cause a denial of service with a small compressed file...