ai.agentican:agentican-quarkus-deployment (>=0.1.0-alpha.1 <=0.1.0-alpha.3), ai.agentican:agentican-quarkus-metrics (>=0.1.0-alpha.1 <=0.1.0-alpha.3) +14149 more potentially affected by CVE-2026-42579 via io.netty:netty-codec-dns (>=4.1.0.Beta4 <=4.1.132.Final)

io.netty:netty-codec-dns MAVEN version =4.1.0.Beta4, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.28.0 and more Source cves: CVE-2026-42579 Source advisory:...

EUVD-2005-0476

Malware in sbrugna...

EUVD-2007-2734

Malware in sbrugna...

EUVD-2022-29604

Malicious code in bioql PyPI...

CVE-2023-28440

Discourse is an open source platform for community discussion. In affected versions a maliciously crafted request from a Discourse administrator can lead to a long-running request and eventual timeout. This has the greatest potential impact in shared hosting environments where admins are untruste...

PT-2025-19796 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions 3.5.0.beta4 before commit 82d84af6b0efbd9fa2aeec3e91ce7be1a768511b Description: A data leak issue affects Discourse, an open-source community platform, allowing some content on the site's homepage to be visible to...

Bluegrams YoutubeDLSharp 安全漏洞

Bluegrams YoutubeDLSharp is a simple .NET wrapper library for youtube-dl and yt-dlp from Bluegrams. A security vulnerability exists in Bluegrams YoutubeDLSharp version 1.0.0-beta4 through versions prior to 1.1.2, which stems from an insecure parameter transformation that could lead to command...

PT-2024-15277 · WordPress · Bigbluebutton

Name of the Vulnerable Software and Affected Versions: BigBlueButton plugin for WordPress versions up to, and including, 3.0.0-beta.4 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping in the moderator code and viewer code...

Mautic 安全漏洞

Mautic is an open source marketing automation software from Mautic Open Source. The software monitors and manages websites, sends emails and manages customer resources. A security vulnerability exists in Mautic version 1.0.0-beta4 and earlier versions, which stems from the contact tracking and pa...

BIT-DISCOURSE-2024-36113 Discourse missing authorization checks for suspending admins/moderators

Discourse is an open-source discussion platform. Prior to version 3.2.3 on the stable branch, version 3.3.0.beta3 on the beta branch, and version 3.3.0.beta4-dev on the tests-passed branch, a rogue staff user could suspend other staff users preventing them from logging in to the site. The issue i...

BIT-DISCOURSE-2024-36122 Discourse doesn't limit reviewable user serializer payload

Discourse is an open-source discussion platform. Prior to version 3.2.3 on the stable branch and version 3.3.0.beta4 on the beta and tests-passed branches, moderators using the review queue to review users may see a users email address even when the Allow moderators to view email addresses settin...

BIT-DISCOURSE-2024-37157 Discourse vulnerable to Server-Side Request Forgery via FastImage

Discourse is an open-source discussion platform. Prior to version 3.2.3 on the stable branch and version 3.3.0.beta4 on the beta and tests-passed branches, a malicious actor could get the FastImage library to redirect requests to an internal Discourse IP. This issue is patched in version 3.2.3 on...

Discourse 3.3.x - 3.3.0.beta4 Multiple Vulnerabilities

Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...

CVE-2024-36113

Discourse is an open-source discussion platform. Prior to version 3.2.3 on the stable branch, version 3.3.0.beta3 on the beta branch, and version 3.3.0.beta4-dev on the tests-passed branch, a rogue staff user could suspend other staff users preventing them from logging in to the site. The issue i...

CVE-2024-36122

Discourse is an open-source discussion platform. Prior to version 3.2.3 on the stable branch and version 3.3.0.beta4 on the beta and tests-passed branches, moderators using the review queue to review users may see a users email address even when the Allow moderators to view email addresses settin...

CVE-2024-37157

Discourse is an open-source discussion platform. Prior to version 3.2.3 on the stable branch and version 3.3.0.beta4 on the beta and tests-passed branches, a malicious actor could get the FastImage library to redirect requests to an internal Discourse IP. This issue is patched in version 3.2.3 on...

CVE-2024-36113

Discourse is an open-source discussion platform. Prior to version 3.2.3 on the stable branch, version 3.3.0.beta3 on the beta branch, and version 3.3.0.beta4-dev on the tests-passed branch, a rogue staff user could suspend other staff users preventing them from logging in to the site. The issue i...

CVE-2024-37157 Discourse vulnerable to Server-Side Request Forgery via FastImage

Discourse is an open-source discussion platform. Prior to version 3.2.3 on the stable branch and version 3.3.0.beta4 on the beta and tests-passed branches, a malicious actor could get the FastImage library to redirect requests to an internal Discourse IP. This issue is patched in version 3.2.3 on...

CVE-2024-37157

Discourse prior to version 3.2.3 on the stable branch and 3.3.0.beta4 on the beta/tests-passed branches is vulnerable to an SSRF via the FastImage library, which could redirect requests to an internal Discourse IP. The issue is patched in 3.2.3 (stable) and 3.3.0.beta4 (beta/tests-passed). No pub...

CVE-2024-37157 Discourse vulnerable to Server-Side Request Forgery via FastImage

Discourse is an open-source discussion platform. Prior to version 3.2.3 on the stable branch and version 3.3.0.beta4 on the beta and tests-passed branches, a malicious actor could get the FastImage library to redirect requests to an internal Discourse IP. This issue is patched in version 3.2.3 on...