WordPress Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin <= 6.2.0 - Authenticated (Subscriber+) Authorization Bypass vulnerability

Authenticated Subscriber+ Authorization Bypass vulnerability discovered by Sander Horsman - Conda Security in WordPress Plugin FluentForm versions = 6.2.0...

AZL-79334 CVE-2026-3381 affecting package conda 24.3.0-4

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for...

AZL-79308 CVE-2026-3381 affecting package conda 4.11.0-1

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for...

GHSA-6R62-W2Q3-48HF BentoML has a Path Traversal via Bentofile Configuration

Summary BentoML's bentofile.yaml configuration allows path traversal attacks through multiple file path fields description, docker.setupscript, docker.dockerfiletemplate, conda.environmentyml. An attacker can craft a malicious bentofile that, when built by a victim, exfiltrates arbitrary files fr...

BentoML has a Path Traversal via Bentofile Configuration

Summary BentoML's bentofile.yaml configuration allows path traversal attacks through multiple file path fields description, docker.setupscript, docker.dockerfiletemplate, conda.environmentyml. An attacker can craft a malicious bentofile that, when built by a victim, exfiltrates arbitrary files fr...

Directory Traversal

Overview bentoml is a BentoML: Build Production-Grade AI Applications Affected versions of this package are vulnerable to Directory Traversal via the processing of user-supplied file paths in configuration fields description, docker.setupscript, docker.dockerfiletemplate, and conda.environmentyml...

CVE-2022-0338

Insertion of Sensitive Information into Log File in Conda loguru prior to 0.5.3...

[SECURITY] Fedora 42 Update: conda-build-25.4.0-1.fc42

You can easily build your own packages for conda, and upload them to anaconda.org, a free service for hosting packages for conda, as well as other package managers. To build a package, create a recipe. See http://github.com/conda/conda-recipes for many example recipes, and...

Fedora 42 : conda-build (2025-eb0eab6793)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-eb0eab6793 advisory. Update to 25.4.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

Fedora: Security Advisory (FEDORA-2025-eb0eab6793)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-64343

conda Constructor is a tool that enables users to create installers for conda package collections. In versions 3.12.2 and below, the installation directory inherits permissions from its parent directory. Outside of restricted directories, the permissions are very permissive and often allow write...

CVE-2025-64343

conda Constructor is a tool that enables users to create installers for conda package collections. In versions 3.12.2 and below, the installation directory inherits permissions from its parent directory. Outside of restricted directories, the permissions are very permissive and often allow write...

CVE-2025-64343 (conda) Constructor: Excessive permissions during and after installation

conda Constructor is a tool that enables users to create installers for conda package collections. In versions 3.12.2 and below, the installation directory inherits permissions from its parent directory. Outside of restricted directories, the permissions are very permissive and often allow write...

CVE-2025-64343

CVE-2025-64343 affects the conda Constructor tool. In versions 3.12.2 and earlier, the installation directory inherits permissions from its parent, and outside restricted directories those permissions can permit write access by authenticated users. Any logged-in user could modify during installat...

EUVD-2025-38241

conda Constructor is a tool that enables users to create installers for conda package collections. In versions 3.12.2 and below, the installation directory inherits permissions from its parent directory. Outside of restricted directories, the permissions are very permissive and often allow write...

CVE-2025-64343 (conda) Constructor: Excessive permissions during and after installation

conda Constructor is a tool that enables users to create installers for conda package collections. In versions 3.12.2 and below, the installation directory inherits permissions from its parent directory. Outside of restricted directories, the permissions are very permissive and often allow write...

Conda Constructor 安全漏洞

Conda Constructor is a Conda open source tool for creating installers from conda packages. A security vulnerability exists in Conda Constructor 3.12.2 and earlier versions, which stems from the installation directory inheriting parent directory permissions, which could lead to modification...

PT-2025-45411

Name of the Vulnerable Software and Affected Versions conda Constructor versions 3.12.2 and below Description conda Constructor is a tool used to create installers for conda package collections. Versions 3.12.2 and earlier have a configuration where the installation directory receives permissions...

EUVD-2025-18459

Malicious code in bioql PyPI...

EUVD-2025-18458

Malicious code in bioql PyPI...