8 matches found
BIT-NODE-MIN-2026-48931
A flaw in Node.js HTTP Agent can cause a client to accept as valid a response that is send before the client has sent the request. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...
WordPress Relevanssi plugin < 4.26.0 - Contributor+ SQLi vulnerability
Contributor+ SQLi vulnerability discovered by Drew Webber mcdruid in WordPress Plugin Relevanssi versions 4.26.0...
Fedora 43 : Thunar (2025-7a1a0e5bd8)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-7a1a0e5bd8 advisory. Update to 4.20.6, the latest stable bugfix release. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...
WordPress CoDesigner plugin <= 4.28.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Denver Jackson in WordPress Plugin CoDesigner versions = 4.28.2...
WordPress Piotnet Addons For Elementor plugin <= 2.4.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by Ankit Patel in WordPress Plugin Piotnet Addons For Elementor versions = 2.4.26...
Arista Networks Extensible Operating System 安全漏洞
Arista Networks Extensible Operating System EOS is a scalable operating system for next-generation data center and cloud solutions from Arista Networks, Inc. in the United States. A security vulnerability exists in the Arista Networks Extensible Operating System that stems from specially crafted...
CVE-2022-26041
Directory traversal vulnerability in RCCMD 4.26 and earlier allows a remote authenticated attacker with an administrative privilege to read or alter an arbitrary file on the server via unspecified vectors...
CVE-2020-26300
systeminformation is an npm package that provides system and OS information library for node.js. In systeminformation before version 4.26.2 there is a command injection vulnerability. Problem was fixed in version 4.26.2 with a shell string sanitation fix...