
18 matches found

CVE
added 2026/05/08 1:37 p.m. | 14 views

CVE-2026-44339

Summary: A vulnerability in PraisonAI’s tool resolution allows undeclared main callables to be invoked through tool-call name manipulation. Prior to versions 4.6.37 (PraisonAI) and 1.6.37 (PraisonAIagents), unresolved tool names were resolved against module globals and main when the declared tool...

CVSS 8.6 | AI score 5.8 | EPSS 0.00041
Exploits: 1 | References: 1 | Affected Software: 2
Patchstack
added 2026/01/26 1:47 p.m. | 4 views

WordPress Nexter Blocks plugin <= 4.6.3 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Nabil Irawan in WordPress Plugin Nexter Blocks versions <= 4.6.3...

CVSS 7.5 | AI score 5.9 | EPSS 0.0005
Exploits: 0 | Affected Software: 1
Tenable Nessus
added 2026/01/15 12:0 a.m. | 3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003180)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003180 advisory. Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or...

CVSS 7.8 | AI score 7.1 | EPSS 0.00022
Exploits: 0 | References: 15
CVE
added 2025/12/09 2:52 p.m. | 6 views

CVE-2025-62870

CVE-2025-62870 concerns Eupago Gateway For Woocommerce (WordPress plugin)

CVSS 5.3 | AI score 5.9 | EPSS 0.00038
Exploits: 0 | References: 1
Github Security Blog
added 2025/11/05 7:52 p.m. | 5 views

IDOR Vulnerabilities in ZITADEL's Organization API allows Cross-Tenant Data Tempering

Summary: ZITADEL's Organization V2Beta API contains Insecure Direct Object Reference (IDOR) vulnerabilities that allow authenticated users with specific administrator roles within one organization to access and modify data belonging to other organizations. Impact: ZITADEL's Organization V2Beta API,...

CVSS 8.7 | AI score 6.7 | EPSS 0.00056
Exploits: 0 | References: 5 | Affected Software: 1
Tenable Nessus
added 2025/08/19 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2016-5243

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local user...

CVSS 5.5 | AI score 6.4 | EPSS 0.00027
Exploits: 0 | References: 2
CVE
added 2023/12/07 12:0 a.m. | 57 views

CVE-2023-46307

Summary: CVE-2023-46307 affects etcd-browser (build 87ae63d75260). The vulnerability is in server.js and enables a directory traversal by supplying a /../../../ path in the URL in a remote-connection context, allowing retrieval of local operating system files on the remote system. Impact: potenti...

CVSS 7.5 | AI score 7.8 | EPSS 0.00488
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2023/11/20 9:15 a.m. | 7 views

CVE-2022-46337

A cleverly devised username might bypass LDAP authentication checks. In LDAP-authenticated Derby installations, this could let an attacker fill up the disk by creating junk Derby databases. In LDAP-authenticated Derby installations, this could also allow the attacker to execute malware which was...

CVSS 9.8 | AI score 9.8
Exploits: 0 | References: 1
OSV
added 2023/08/18 3:15 p.m. | 2 views

CVE-2023-32108

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio On line plugin = 4.6.3 versions...

CVSS 6.1 | AI score 7.3 | EPSS 0.00104
Exploits: 0 | References: 1
vulnersOsv
added 2022/12/13 3:30 p.m. | 3 views

ai.idylnlp:idylnlp-nlp-language-detection-tika (>=1.0.0 <=1.1.0), ai.stainless:grails-tika (=0.1.0) +2685 more potentially affected by CVE-2022-46363 via org.apache.cxf:cxf-core (>=3.0.0-milestone1 <=3.4.1)

org.apache.cxf:cxf-core MAVEN version =3.0.0-milestone1, =1.0.0, =11.4-37, =3.6.1, =3.11.0, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.1.0.RELEASE - cloud.testload:jmeter-clickhouse-listener =2.00 and more Source cves: CVE-2022-46363 Source...

CVSS 7.5 | AI score 6.5 | EPSS 0.00121
Exploits: 1
OSV
added 2022/04/05 2:15 a.m. | 1 views

DEBIAN-CVE-2021-43008

Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database...

CVSS 7.5 | AI score 7.4 | EPSS 0.84736
Exploits: 4 | References: 1
OSV
added 2022/04/05 2:15 a.m. | 0 views

UBUNTU-CVE-2021-43008

Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database...

CVSS 7.5 | AI score 5.8 | EPSS 0.84736
Exploits: 4 | References: 6
PyPA
added 2021/08/02 10:15 p.m. | 4 views

PYSEC-2021-368

Zope is an open-source web application server. Zope versions prior to versions 4.6.3 and 5.3 have a remote code execution security issue. In order to be affected, one must use Python 3 for one's Zope deployment, run Zope 4 below version 4.6.3 or Zope 5 below version 5.3, and have the optional...

CVSS 7.5 | AI score 8.1 | EPSS 0.03934
Exploits: 0 | References: 3 | Affected Software: 1
OSV
added 2021/08/02 10:15 p.m. | 0 views

UBUNTU-CVE-2021-32811

Zope is an open-source web application server. Zope versions prior to versions 4.6.3 and 5.3 have a remote code execution security issue. In order to be affected, one must use Python 3 for one's Zope deployment, run Zope 4 below version 4.6.3 or Zope 5 below version 5.3, and have the optional...

CVSS 7.5 | AI score 7.6 | EPSS 0.03934
Exploits: 0 | References: 5
OSV
added 2021/05/06 11:2 a.m. | 2 views

OESA-2021-1178 python-lxml security update

The lxml XML toolkit is a Pythonic binding for the C libraries libxml2 and libxslt. It is unique in that it combines the speed and XML feature completeness of these libraries with the simplicity of a native Python API, mostly compatible but superior to the well-known ElementTree API. The latest...

CVSS 6.1 | AI score 6.8 | EPSS 0.00518
Exploits: 1 | References: 2
PyPA
added 2021/03/21 5:15 a.m. | 4 views

PYSEC-2021-19

An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run...

CVSS 6.1 | AI score 6.4 | EPSS 0.00518
Exploits: 1 | References: 6 | Affected Software: 1
OSV
added 2019/09/10 6:15 p.m. | 2 views

CVE-2019-11467

In Couchbase Server 4.6.3 and 5.5.0, secondary indexing encodes the entries to be indexed using collatejson. When index entries contain certain characters like \t, , it caused buffer overrun as encoded string would be much larger than accounted for, causing indexer service to crash and restart...

CVSS 7.5 | AI score 7.2
Exploits: 0 | References: 1
Elastic
added 2016/11/15 6:13 p.m. | 4 views

Kibana 5.0.1 and 4.6.3 released with a fix for an open redirect vulnerability

Kibana versions 5.0.1 and 4.6.3 fix an open redirect vulnerability in the short URL feature that would allow an attacker to create a redirect from the Kibana domain to a different website. We’ve assigned this vulnerability the identifier ESA-2016-08. Thank you to the GE Digital Security Team for...

AI score 7
Exploits: 0