CVE-2026-22800

PILOS Platform for Interactive Live-Online Seminars is a frontend for BigBlueButton. Prior to 4.10.0, Cross-Site Request Forgery CSRF vulnerability exists in an administrative API endpoint responsible for terminating all active video conferences on a single server. The affected endpoint performs ...

CVE-2026-22800 PILOS affected by a CSRF via GET request allows unintentional termination of all active video conferences

PILOS Platform for Interactive Live-Online Seminars is a frontend for BigBlueButton. Prior to 4.10.0, Cross-Site Request Forgery CSRF vulnerability exists in an administrative API endpoint responsible for terminating all active video conferences on a single server. The affected endpoint performs ...

CVE-2025-12427

The YITH WooCommerce Wishlist plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.10.0 via the REST API endpoint and AJAX handler due to missing validation on user-controlled keys. This makes it possible for unauthenticated attackers to...

PT-2025-41931

Name of the Vulnerable Software and Affected Versions Centreon Infra Monitoring versions 24.10.0 through 24.10.12 Centreon Infra Monitoring versions 24.04.0 through 24.04.17 Centreon Infra Monitoring versions 23.10.0 through 23.10.27 Description A flaw exists in Centreon Infra Monitoring related ...

CVE-2025-11228

The CVE-2025-11228 issue affects GiveWP – Donation Plugin and Fundraising Platform for WordPress (versions

SUSE-SU-2025:03354-1 Security update for python-pycares

This update for python-pycares fixes the following issues: Update to version 4.10.0 jscPED-13442: - CVE-2025-48945: Fixed use-after-free vulnerability may have led to a crash bsc1244691...

Statamic 跨站脚本漏洞

Statamic is a powerful flat file Cms built on Laravel by Statamic, Inc. for storing all content, templates, assets, and settings in files instead of a database. A cross-site scripting vulnerability exists in Statamic versions prior to 4.10.0, which stems from an SVG tag that does not clear...

CVE-2020-14166

The /servicedesk/customer/portals resource in Jira Service Desk Server and Data Center before version 4.10.0 allows remote attackers with project administrator privileges to inject arbitrary HTML or JavaScript names via an Cross Site Scripting XSS vulnerability by uploading a html file...

Red Hat libvirt Denial of Service Vulnerability (CNVD-2020-28764)

Red Hat libvirt is a Linux API for implementing Linux virtualization features from Red Hat, Inc. It supports a variety of Hypervisors, including Xen and KVM, as well as QEMU and a number of virtual products for other operating systems. A security vulnerability exists in the...