@bechara/crux (>=6.0.0 <=6.6.2), @cappa/cli (>=0.1.0 <=0.8.2) +11 more potentially affected by CVE-2026-6270 via @fastify/middie (>=9.0.2 <=9.3.1)

@fastify/middie NPM version =9.0.2, =6.0.0, =0.1.0, =0.1.0, =1.0.0, =1.0.11, =0.1.51, =1.0.36, =11.0.0, =1.3.0, =5.0.0, =0.6.1-dev, =1.1.48 Source cves: CVE-2026-6270 Source advisory: SNYK:JS-FASTIFYMIDDIE-16098213...

Incorrect Check of Signer Response Norm During Verification

The ML-DSA verification algorithm as specified in FIPS 204, subsection 6.3 requires verifiers to check that the infinity norm of the deserialized signer response $z$ does not exceed $\gamma1 - \beta$ line 13 of Algorithm 8. The same check is required to be performed during signature generation...

EUVD-2008-4464

Malware in sbrugna...

EUVD-2008-4465

Malware in sbrugna...

EUVD-2020-21762

Malware in sbrugna...

CVE-2008-0700

Cross-site scripting XSS vulnerability in search.php in Crux Software CruxCMS 3.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2020-29389

The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user. System using the Crux Linux Docker container deployed by affected versions of the Docker image may allow an attacker to achieve root access with a blank password...

CVE-2020-29389

The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user. System using the Crux Linux Docker container deployed by affected versions of the Docker image may allow an attacker to achieve root access with a blank password...

Default credentials

The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user. System using the Crux Linux Docker container deployed by affected versions of the Docker image may allow an attacker to achieve root access with a blank password...

CVE-2020-29389

CVE-2020-29389 affects Crux Linux Docker images 3.0–3.4, where the root account uses a blank password inside the container, enabling potential root access without authentication when running affected images. The NVD entry reports a CVSS v3.1 base score of 9.8 (CRITICAL) with Network attack vector...

CVE-2020-29389

The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user. System using the Crux Linux Docker container deployed by affected versions of the Docker image may allow an attacker to achieve root access with a blank password...

Crux Linux Docker images Access Control Error Vulnerability

Docker is an open source application container engine from the American company Docker. The product supports creating a container lightweight virtual machine and deploying and running applications on Linux systems, as well as automating the installation, deployment, and upgrading of applications...

Introducing New RUM-based Website Performance Benchmarks!

End users expect nothing short of a flawless experience when visiting your website. A slow-performing, error-prone website can lead to significant losses in revenue and brand value. Do you know how your website performs for real users compared to other similar sites? We are excited to tell you...

Crux Gallery <= 1.32 (index.php theme) Local File Inclusion Vulnerability

========================================================= ? Crux Gallery Osirys and darkjoker 14. $m = $GET'm'; 15. $p = $GET'p'; 16. $dir = $GET'dir'; 17. requireonce"main.php"; 18. requireonce"themes/".$theme."/theme.php"; $theme isn't declared, so you can include any file...

Crux Gallery <= 1.32 Insecure Cookie Handling Vulnerability

No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Crux Gallery = 1.32 / Insecure Cookie Handling Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Program: Crux Gallery Version: = 1,32 File affected: admin/ Download:...

Scripts Feed Dating Software SQL Injection

============================================================================== Scripts Feed Dating Software Cookie Manip/SQLi Multiple Remote Vulnerabilities ============================================================================== + My home http://hack-tech.com + Date Submitted: February 27...

Scripts Feed Dating Software (Cookie Manip/SQLi) Multiple Vulnerabilities

Exploit for unknown platform in category web applications ========================================================================= Scripts Feed Dating Software Cookie Manip/SQLi Multiple Vulnerabilities =========================================================================...

PHP Ask & Answer (XSS) Cross Site Scripting Vulnerability

Exploit for unknown platform in category web applications ========================================================= PHP Ask & Answer XSS Cross Site Scripting Vulnerability =========================================================...

SBD Directory 4.0 (XSS) Cross Site Scripting Vulnerability

Exploit for unknown platform in category web applications ========================================================== SBD Directory 4.0 XSS Cross Site Scripting Vulnerability ==========================================================...

SBD Directory 4.0 Cross Site Scripting

============================================================================== SBD Directory 4.0 XSS Cross Site Scripting Vulnerability ============================================================================== + My home http://hack-tech.com + Date Submitted: January 11 2010 + Founder: Crux +...