Examples for Developers - Moderately critical - Access bypass - SA-CONTRIB-2026-044

The Examples for Developers project aims to provide high-quality, well-documented API examples for a broad range of Drupal core functionality. The "Read from a file" feature implemented by the fileexample submodule can be used to expose any file that PHP can access. Therefore, the fileexample...

PT-2026-48592

The Examples for Developers project aims to provide high-quality, well-documented API examples for a broad range of Drupal core functionality. The "Read from a file" feature implemented by the file example submodule can be used to expose any file that PHP can access. Therefore, the file example...

[SECURITY] Fedora 42 Update: python3.9-3.9.25-7.fc42

Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...

What Security Should Look Like When Built for Developers

Security tools should support the way developers actually work. Here’s how we’re reimagining what that looks like...

CVE-2023-25042

CVE-2023-25042 : Stored XSS in the oAuth Twitter Feed for Developers WordPress plugin (

CVE-2020-11084

In iPear, the manual execution of the eval function can lead to command injection. Only PCs where commands are manually executed via "For Developers" are affected. This function allows executing any PHP code within iPear which may change, damage, or steal data files from the PC...

CVE-2020-11084

In iPear, the manual execution of the eval function can lead to command injection. Only PCs where commands are manually executed via "For Developers" are affected. This function allows executing any PHP code within iPear which may change, damage, or steal data files from the PC...

Command injection

In iPear, the manual execution of the eval function can lead to command injection. Only PCs where commands are manually executed via "For Developers" are affected. This function allows executing any PHP code within iPear which may change, damage, or steal data files from the PC...

CVE-2020-11084 Command Injection in iPear

In iPear, the manual execution of the eval function can lead to command injection. Only PCs where commands are manually executed via "For Developers" are affected. This function allows executing any PHP code within iPear which may change, damage, or steal data files from the PC...

Security Bulletin: Various IBM WebSphere MQ Installers are susceptible to DLL-planting vulnerabilities (CVE-2016-2542 & CVE-2016-4560)

Summary Various IBM WebSphere MQ graphical user interface installers are susceptible to a DLL-planting vulnerability where a malicious DLL, that is present in the Windows search path, could be loaded by the operating system in place of the genuine file. The vulnerability affects Windows executabl...

Microsoft Visual Studio WmiScriptUtils.dll跨域脚本漏洞

Microsoft Visual Studio是一套微软公司的开发工具套件系列产品。 Microsoft Visual Studio WMIScriptUtils.WMIObjectBroker2 ActiveX控件处理存在问题，远程攻击者可利用漏洞以应用程序进程权限执行任意指令。 Microsoft WMIScriptUtils.WMIObjectBroker2 ActiveX控件存在安全问题，攻击者可以构建恶意页面，诱使用户访问，导致绕过Internet域安全限制，并实例化其他危险的对象，造成 任意指令执行。 Visual Studio 2005 Standard Edition...