ai.agentican:agentican-framework-core (>=0.1.0-alpha.2 <=0.1.0-alpha.4), ai.agentican:agentican-quarkus-deployment (>=0.1.0-alpha.1 <=0.1.0-alpha.4) +29837 more potentially affected by CVE-2026-42587 via io.netty:netty-codec (>=4.0.0.Alpha1 <=4.1.132.Final)

io.netty:netty-codec MAVEN version =4.0.0.Alpha1, =0.1.0-alpha.2, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.3, =0.1.0-alpha.2, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.28.0 and more Source cves:...

CVE-2026-29102

SuiteCRM (open-source CRM) has an Authenticated Remote Code Execution (RCE) vulnerability affecting modules in versions prior to 7.15.1 and 8.9.3. Patch versions 7.15.1 and 8.9.3 to remediate. The CVSSv3.1 base score is 7.2 (High) with network attack vector, low attack complexity, and privileges ...

CVE-2026-29102 SuiteCRM has Authenticated RCE in Modules

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Prior to versions 7.15.1 and 8.9.3, an Authenticated Remote Code Execution RCE vulnerability exists in SuiteCRM modules. Versions 7.15.1 and 8.9.3 patch the issue...

CVE-2026-29101

CVE-2026-29101 affects SuiteCRM prior to versions 7.15.1 and 8.9.3, where a Denial-of-Service (DoS) vulnerability exists in modules. The issue is resolved by upgrading to 7.15.1 or 8.9.3, per multiple sources. The available descriptions identify the vulnerability as a DoS affecting SuiteCRM modul...

EUVD-2017-8303

Malware in sbrugna...

EUVD-2017-8302

Malware in sbrugna...

EUVD-2004-0662

Malware in sbrugna...

Reflected Cross-Site Scripting (Reflected XSS)

com.liferay, com.liferay.expando.web are vulnerable to reflected cross-site scripting XSS. The vulnerability is due to improper input validation of the comliferayexpandowebportletExpandoPortletdisplayType parameter, which allows an attacker to inject and execute arbitrary JavaScript code in a...

PT-2025-2672 · Unknown · Oshine Modules

Name of the Vulnerable Software and Affected Versions: Oshine Modules affected versions not specified Description: The issue is a Server-Side Request Forgery SSRF vulnerability in NotFound Oshine Modules. This type of vulnerability allows an attacker to trick the server into making requests to...

USN-6588-1 pam vulnerability

Matthias Gerstner discovered that the PAM pamnamespace module incorrectly handled special files when performing directory checks. A local attacker could possibly use this issue to cause PAM to stop responding, resulting in a denial of service...

The vulnerabilities of the Ethernet modules FX3U-ENET-ADP and Ethernet FX3U-ENET(-L) of the microprogrammable logic controllers MELSEC iQ-F series, such as FX3U, FX3UC, FX3G, FX3GC-32MT, FX3GE, FX3GA, FX3S, and FX3SA, allow attackers to circumvent security restrictions and reset system settings.

The vulnerability of the Ethernet modules FX3U-ENET-ADP and Ethernet FX3U-ENET-L of the microprogrammable logic controllers MELSEC iQ-F series, such as FX3U, FX3UC, FX3G, FX3GC-32MT, FX3GE, FX3GA, FX3S, and FX3SA, stems from the ability to bypass authentication by using capture-replay techniques...

CVE-2023-33966 Deno missing "--allow-net" permission check for built-in Node modules

Deno is a runtime for JavaScript and TypeScript. In deno 1.34.0 and denoruntime 0.114.0, outbound HTTP requests made using the built-in node:http or node:https modules are incorrectly not checked against the network permission allow list --allow-net. Dependencies relying on these built-in modules...

The vulnerability of the module of central processors in programmable logic controllers such as MELIPC, MELSEC iQ-R, MELSEC Q, and MELSEC L allows a intruder to trigger a service failure.

The vulnerability of the microcontroller modules in programmable logic controllers such as MELIPC, MELSEC iQ-R, MELSEC Q, and MELSEC L is related to errors in processing input data length parameters. Exploiting this vulnerability can allow an attacker, operating remotely, to cause malfunctions...

The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the confidentiality of protected information.

The vulnerability of the pam-modules package in the SUSE Linux Enterprise operating system can lead to a violation of the confidentiality of protected information. This vulnerability can be exploited remotely...

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities in the debian-gnu/linux operating system’s pcmcia-modules-2.4.27-3-k7 package can lead to a violation of the accessibility of protected information. Exploitation of these vulnerabilities can be carried out remotely...

Vulnerabilities in the Debian GNU/Linux operating system that allow a local malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

The “multiple vulnerabilities” of the squashfs-modules-2.6.18-6-xen-vserver-686 package of the Debian GNU/Linux operating system may lead to violations of confidentiality, integrity, and accessibility of protected information. The exploitation of these vulnerabilities can be carried out by local...

CVE-2004-0663

Cross-site scripting XSS vulnerability in modules.php in PowerPortal 1.x allows remote attackers to inject arbitrary script or HTML via the 1 id parameter to the a privatemessages module; 2 search parameter to the b links and c content modules; and 3 files parameter to the gallery module...