Linux Distros Unpatched Vulnerability : CVE-2026-33414

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in...

CVE-2026-33414 PowerShell Command Injection in Podman HyperV Machine

Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $...

CVE-2024-14025

An SQL injection vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the...

EUVD-2024-55473

An SQL injection vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the...

CVE-2024-14025

An SQL injection vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the...

CVE-2024-14025

An SQL injection vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the...

CVE-2024-14024 Video Station

An improper certificate validation vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the...

CVE-2026-24351

PluXml CMS is affected by CVE-2026-24351 (Stored XSS in Static Pages editing). An attacker with editing privileges can inject arbitrary HTML/JS that is rendered when visiting the edited page. Vulnerable confirmed in versions 5.8.21 and 5.9.0-rc7; other versions were not tested and might also be v...

wolfSSL Python module vulnerable to Improper Authentication

A vulnerability in the handling of verifymode = CERTREQUIRED in the wolfssl Python package wolfssl-py causes client certificate requirements to not be fully enforced. Because the WOLFSSLVERIFYFAILIFNOPEERCERT flag was not included, the behavior effectively matched CERTOPTIONAL: a peer certificate...

CVE-2025-15346

A vulnerability in the handling of verifymode = CERTREQUIRED in the wolfssl Python package wolfssl-py causes client certificate requirements to not be fully enforced. Because the WOLFSSLVERIFYFAILIFNOPEERCERT flag was not included, the behavior effectively matched CERTOPTIONAL: a peer certificate...

DEBIAN-CVE-2025-11934

Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in wolfSSL 5.8.2 and earlier on multiple platforms allows for downgrading the signature algorithm used. For example when a client sends ECDSA P521 as the supported signature algorithm the server previously...

CVE-2025-11933

CVE-2025-11933 describes an issue in wolfSSL up to version 5.8.2 where improper input validation in the TLS 1.3 CKS extension parsing can allow a remote unauthenticated attacker to cause a denial‑of‑service with a crafted ClientHello containing duplicate CKS extensions. Affected software is wolfS...

wolfSSL 安全漏洞

wolfSSL CyaSSL is a small, portable embedded SSL programming library for use by embedded systems developers from wolfSSL, Inc. in the United States. A security vulnerability exists in wolfSSL CyaSSL versions 5.8.2 and earlier, which stems from improper validation of the TLS 1.3 CertificateVerify...

CVE-2021-47691 Nagios XI < 5.8.2 Core Config Manager (CCM) XSS via Services Page

The Core Config Manager CCM in Nagios XI versions prior to CCM 3.1.1 / Nagios XI 5.8.2 contains multiple cross-site scripting XSS vulnerabilities via the Services page affecting the configname and servicedescription fields. Insufficient validation or escaping of user-supplied input may allow an...

PT-2025-44475

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 5.8.2 Core Config Manager CCM versions prior to 3.1.1 Description The Core Config Manager CCM in Nagios XI is susceptible to cross-site scripting XSS issues through the Services page. The config name and service...

SUSE-SU-2025:20474-1 Security update for afterburn

This update for afterburn fixes the following issues: - Update to version 5.8.2: cargo: Afterburn release 5.8.2 docs/release-notes: update for release 5.8.2 cargo: update dependencies packit: add initial support - Update to version 5.7.0: builddeps: bump crossbeam-channel from 0.5.13 to 0.5.15...

WordPress ProfileGrid plugin <= 5.8.2 - Group Members Limit Bypass vulnerability

Group Members Limit Bypass vulnerability discovered by Kyle Sanchez Patchstack Alliance in WordPress Plugin ProfileGrid versions = 5.8.2...

PT-2024-22174 · WordPress · Wp Enhanced Free Downloads Woocommerce

Name of the Vulnerable Software and Affected Versions: WP Enhanced Free Downloads WooCommerce versions 3.5.8.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which leads to a Cross-site Scripting XSS vulnerability, specifically Stored...

SUSE CVE-2022-4843

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2...

UBUNTU-CVE-2022-4843

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2...