com.braimanm:uitaf (>=3.0.0 <=3.2.3), com.braimanm:uitaf-playwright (>=1.0.0-alpha <=1.0.1-alpha) +7 more potentially affected by CVE-2026-33166 via io.qameta.allure:allure-generator (>=2.10.0 <=2.37.0)

io.qameta.allure:allure-generator MAVEN version =2.10.0, =3.0.0, =1.0.0-alpha, =1.1.0, =0.1.17, =0.1.17, =1.0-RC1, =2.10.0, =2.37.0 - org.uitaf:uitaf-playwright =1.0.1 Source cves: CVE-2026-33166 Source advisory: SNYK:JAVA-IOQAMETAALLURE-15763503...

CVE-2026-33301 OpenEMR has arbitrary image file read via PDF generator

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, users with the Notes - my encounters role can fill Eye Exam forms in patient encounters. The answers to the form can be printed out in PDF form. An arbitrary file read...

Predictable Seed in Pseudo-Random Number Generator (PRNG)

Overview Affected versions of this package are vulnerable to Predictable Seed in Pseudo-Random Number Generator PRNG in the loop plugin during self-test on server startup. An attacker can cause the DNS server to crash by sending specially crafted DNS queries that exploit the use of a predictable...

CVE-2025-67469 WordPress PDF Thumbnail Generator plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in kubiq PDF Thumbnail Generator pdf-thumbnail-generator allows Cross Site Request Forgery.This issue affects PDF Thumbnail Generator: from n/a through = 1.4...

EUVD-2018-12691

Malware in sbrugna...

EUVD-2022-6267

Malicious code in bioql PyPI...

WordPress Barcode Generator for WooCommerce plugin <= 2.0.4 - Arbitrary Content Deletion vulnerability

Arbitrary Content Deletion vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Barcode Generator for WooCommerce versions = 2.0.4...

Projectworlds Online Time Table Generator 代码问题漏洞

Projectworlds Online Time Table Generator is an online time table generator from Projectworlds India. A code issue vulnerability exists in Projectworlds Online Time Table Generator version 1.0, which stems from an incorrect manipulation of the parameter pic resulting in unlimited uploads...

CVE-2025-1796

A vulnerability in langgenius/dify v0.10.1 allows an attacker to take over any account, including administrator accounts, by exploiting a weak pseudo-random number generator PRNG used for generating password reset codes. The application uses random.randint for this purpose, which is not suitable...

PT-2023-23252 · Baidu · Baidu Tongji Generator

Name of the Vulnerable Software and Affected Versions: Baidu Tongji generator versions n/a through 1.0.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS in the Haoqisir Baidu Tongji generator. Recommendations: For versions n/a through 1.0.2, as a...

Server-side Request Forgery (SSRF)

openapi-generator is vulnerable to Server-side Request Forgery SSRF. The vulnerability exists due to the improper validation in the /api/gen/clients/language path, allowing an attacker to access network resources and sensitive information via a crafted API request...

CVE-2022-4321 PDF Generator for WordPress < 1.1.2 - Reflected XSS

The PDF Generator for WordPress plugin before 1.1.2 includes a vendored dompdf example file which is susceptible to Reflected Cross-Site Scripting and could be used against high privilege users such as admin...

CVE-2022-24992

A vulnerability in the component process.php of QR Code Generator v5.2.7 allows attackers to perform directory traversal...

actyx_sdk (=0.3.0), actyxos_sdk (>=0.5.1 <=0.6.0) +40 more potentially affected by CVE-2020-36471 via generator (=0.6.25)

generator CARGO version =0.6.25 is affected by a known vulnerability. The following packages have a transitive dependency on generator and may be impacted: - actyxsdk =0.3.0 - actyxossdk =0.5.1, =0.1.0, =0.2.0, =0.1.0, =0.1.0-alpha.1, =0.1.0, =0.0.1, =0.2.11, =0.7.0, =0.5.0, =0.9.2, =0.8.2, =0.1....

Centreon Security Feature Issue Vulnerability

Centreon Merethis Centreon is an open source IT monitoring software package from Centreon France that needs to be used with Nagios. The software enables the management of Nagios via the Web, as well as the monitoring of networks, operating systems and applications via third-party components. A...

CVE-2003-0900

Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for attackers to predict random numbers...

CVE-2003-0900

Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for attackers to predict random numbers...

CVE-2001-1141

The Pseudo-Random Number Generator PRNG in SSLeay and OpenSSL before 0.9.6b allows attackers to use the output of small PRNG requests to determine the internal state information, which could be used by attackers to predict future pseudo-random numbers...