[SECURITY] Fedora 43 Update: CImg-3.7.6-2.fc43
The CImg Library is an open-source C++ toolkit for image processing. It consists of a single header file 'CImg.h' providing a minimal set of C++ classes and methods that can be used in your own sources to load/save, process and display images. Very portable, efficient and easy to use, it's a...
Astra Linux - vulnerability in exim4
Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the spool directory owned by a non-root user, an attacker can write to a /var/spool/exim4/input spool header file, in which a crafted recipient address can indirectly lead to command execution...
Emlog-v2.6.9-Vulnerability-Report
Emlog-v2.6.9-Vulnerability-Report CVE ID: REQUESTED D...
PT-2026-24064
Name of the Vulnerable Software and Affected Versions Actual Sync Server versions prior to 26.3.0 Description Actual Sync Server allows authenticated users to upload files through the ''/sync/upload-user-file'' API endpoint. In versions prior to 26.3.0, insufficient validation of the...
Qualys Security Advisory - Exim 21Nails Advisory
Qualys audited central parts of the Exim mail server and discovered 21 vulnerabilities, with 11 being local vulnerabilities and 10 being remote vulnerabilities. This is older research from 2021 that was missing from the archive. Qualys Security Advisory 21Nails: Multiple vulnerabilities in Exim...
CVE-2026-2259
A vulnerability has been found in aardappel lobster up to 2025.4. Affected by this issue is the function lobster::Parser::ParseStatements in the library dev/src/lobster/parser.h of the component Parsing. The manipulation leads to memory corruption. The attack can only be performed from a local...
CVE-2022-38853
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function asfinitaudiostream of libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1...
BIT-FLUENT-BIT-2025-29478
An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the cfllistsize in cfllist.h:165...
EUVD-2014-0518
Malware in sbrugna...
EUVD-2018-3142
Malware in sbrugna...
EUVD-2025-27077
Malicious code in bioql PyPI...
POS Point of Sale System /-complex_header.php file cross-site scripting vulnerability
POS Point of Sale System is a pos point of sale system. POS Point of Sale System suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied data in the scripts parameter of the...
CVE-2025-10029
A security flaw has been discovered in itsourcecode POS Point of Sale System 1.0. This vulnerability affects unknown code of the file /inventory/main/vendors/datatables/unit_testing/templates/complex_header_2.php. Performing manipulation of the argument scripts results in cross site scripting. The...
CVE-2025-10029 itsourcecode POS Point of Sale System complex_header_2.php cross site scripting
A security flaw has been discovered in itsourcecode POS Point of Sale System 1.0. This vulnerability affects unknown code of the file /inventory/main/vendors/datatables/unit_testing/templates/complex_header_2.php. Performing manipulation of the argument scripts results in cross site scripting. The...
CVE-2025-10029
The CVE concerns itsourcecode POS Point of Sale System 1.0. A cross‑site scripting vulnerability exists in the file /inventory/main/vendors/datatables/unit_testing/templates/complex_header_2.php. Manipulating the scripts argument can inject arbitrary web script/HTML, with remote exploit potential...
CVE-2025-7567
The CVE-2025-7567 issue affects the ShopXO web application up to version 6.5.0, specifically involving the header.html processing where manipulating the lang/system_type parameter enables Cross-Site Scripting (XSS). The vulnerability can be triggered remotely, and publicly disclosed exploits exis...
PT-2025-29414 · Shopxo · Shopxo
Name of the Vulnerable Software and Affected Versions: ShopXO versions up to 6.5.0 Description: A cross-site scripting issue exists due to the manipulation of the lang/system_type parameter in the processing of the header.html file. The attack can be initiated remotely. The exploit has been...
CVE-2020-25092
Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in parts/header.php, within application/views/templates/clothesshop, application/views/templates/greenlabel, and application/views/templates/redlabel...