Lucene search

9 matches found

ATTACKERKB
added 2026/05/15 4:2 p.m., 4 views

CVE-2026-45539

Microsoft APM is an open-source, community-driven dependency manager for AI agents. From 0.5.4 to 0.12.4, two primitive integrators in apm-cli enumerate package files with bare Path.glob / Path.rglob calls and read each match with Path.read_text, transparently following symbolic links. A symlink...

7.4 CVSS, 5.8 AI score, 0.00654 EPSS
Exploits 0, References 2, Affected Software 1
EUVD
added 2026/05/04 5:39 p.m., 7 views

EUVD-2026-27045

Easy PayPal Events & Tickets plugin for WordPress versions 1.3 and earlier contain a hardcoded authentication bypass vulnerability in the QR code scanning functionality that allows unauthenticated remote attackers to bypass hash verification by supplying 'test' as the hash parameter. Attackers can...

8.7 CVSS, 5.9 AI score, 0.00448 EPSS
Exploits 0, References 3
Positive Technologies
added 2026/05/04 12:0 a.m., 7 views

PT-2026-36874

Name of the Vulnerable Software and Affected Versions: Easy PayPal Events & Tickets plugin for WordPress versions 1.3 and earlier. Description: A hardcoded authentication bypass exists in the QR code scanning functionality. Unauthenticated remote attackers can bypass hash verification by providing...

8.7 CVSS, 5.9 AI score, 0.00448 EPSS
Exploits 0, References 6
CVE
added 2025/09/30 12:0 a.m., 14 views

CVE-2025-56513

CVE-2025-56513 affects NiceHash QuickMiner v6.12.0, where the update mechanism uses HTTP without signature/hash verification, enabling a Network-based MITM to replace updates and execute arbitrary code. Root cause: unencrypted update delivery and absence of digital signatures/integrity checks for...

9.8 CVSS, 6.2 AI score, 0.00406 EPSS
Exploits 2, References 2, Affected Software 1
Redos
added 2025/08/21 12:0 a.m., 8 views

ROS-20250821-08

A vulnerability in the TCPDF PHP library is related to reading arbitrary files from the server's file system via the src tag. Exploitation of the vulnerability could allow an attacker to gain access to sensitive information. Vulnerability in TCPDF PHP library is related to improper...

7.5 CVSS, 8.4 AI score, 0.01325 EPSS
Exploits 3
Tenable Nessus
added 2025/08/12 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2019-11738

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will...

6.8 CVSS, 7.5 AI score, 0.01447 EPSS
Exploits 1, References 2
OSV
added 2024/01/31 11:3 a.m., 7 views

SUSE-SU-2024:0289-1 Security update for slurm_23_02

This update for slurm_23_02 fixes the following issues: Update to slurm 23.02.6: Security fixes: - CVE-2023-49933: Prevent message extension attacks that could bypass the message hash. (bsc#1218046) - CVE-2023-49935: Prevent message hash bypass in slurmd which can allow an attacker to reuse root-level...

9.8 CVSS, 8.5 AI score, 0.01375 EPSS
Exploits 0, References 13
OSV
added 2024/01/31 7:33 a.m., 4 views

SUSE-SU-2024:0280-1 Security update for slurm_23_02

This update for slurm_23_02 fixes the following issues: Update to slurm 23.02.6: Security fixes: - CVE-2023-49933: Prevent message extension attacks that could bypass the message hash. (bsc#1218046) - CVE-2023-49935: Prevent message hash bypass in slurmd which can allow an attacker to reuse root-level...

9.8 CVSS, 8.5 AI score, 0.01375 EPSS
Exploits 0, References 13
OSV
added 2015/06/02 2:59 p.m., 2 views

UBUNTU-CVE-2015-4050

FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support is enabled, does not check if the controller attribute is set, which allows remote attackers to bypass URL signing and security...

4.3 CVSS, 5.8 AI score, 0.08269 EPSS
Exploits 0, References 3