51 matches found
PT-2026-45162
A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. Affected is the function formPortFw of the file /goform/formPortFw. The manipulation of the argument server name results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been released ...
CVE-2026-7508 Bootstrap CMS Page Creation show.blade.php code injection
A vulnerability was found in Bootstrap CMS 0.9.0-alpha. Affected is an unknown function of the file resources/views/pages/show.blade.php of the component Page Creation Handler. Performing a manipulation of the argument body results in code injection. Remote exploitation of the attack is possible...
RUSTSEC-2025-0057 fxhash - no longer maintained
The fxhash crate is no longer maintained. The repository is stale and owner is no longer active on GitHub. Please take a look at rustc-hash instead...
fxhash - no longer maintained
The fxhash crate is no longer maintained. The repository is stale and owner is no longer active on GitHub. Please take a look at rustc-hash instead...
Arrow2 allows out of bounds access in public safe API
`Rows::row_unchecked` allows out of bounds access to the underlying buffer without sufficient checks. The arrow2 crate is no longer maintained, so there are no plans to fix this issue. Users are advised to migrate to the arrow crate, instead...
Cross-site Scripting (XSS)
Overview: org.apache.oozie:oozie-core is a system to define, manage, schedule, and execute complex Hadoop workloads via web services. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in an unspecified component. Note: This project is no longer actively maintained so no...
Fedora Repository fedoraIntCallUser default credentials and insecure archive extraction
RISK EVALUATION: Fedora Repository 3.8 includes default user credentials and allows path traversal when extracting uploaded archive files. An attacker can exploit these vulnerabilities to read sensitive data and execute arbitrary commands with the privileges of the Java web application server...
RUSTSEC-2024-0423 gtk-layer-shell-sys GTK3 bindings - no longer maintained
The gtk-layer-shell-sys GTK3 bindings are no longer maintained. The maintainers have archived the repository, and added a note to the crate description and its README.md that the crates are no longer maintained. Please take a look at gtk4-layer-shell instead...
RUSTSEC-2024-0436 paste - no longer maintained
The creator of the crate paste has stated in the README.md that this project is no longer maintained and has archived the repository. Possible alternatives: pastey, a fork of paste aimed to be a drop-in replacement with additional features for the paste crate; with_builtin_macros: crate...
PT-2024-41088 · Paste · Paste
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The creator of the crate paste has stated that this project is no longer maintained and has archived the repository. Recommendations: At the moment, there is no information about a newer...
bcc is unmaintained
bcc will no longer be maintained as declared by the developer. Users are recommended to use libbpf-rs instead. See libbpf-rs...
PT-2024-40929 · Bcc · Bcc
Name of the Vulnerable Software and Affected Versions: bcc affected versions not specified Description: The bcc software will no longer be maintained as declared by the developer. Users are recommended to use libbpf-rs instead. Recommendations: At the moment, there is no information about a newer...
DEBIAN-CVE-2024-43407
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library hosted by the victim. The GeSH...
Fedoraproject Fedora SEoL (22.x)
According to its version, Fedoraproject Fedora is 22.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.
Canonical Ubuntu Linux SEoL (22.10.x)
According to its version, Canonical Ubuntu Linux is 22.10.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.
CentOS SEoL (4.x)
According to its version, CentOS is 4.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.
RUSTSEC-2024-0417 gtk-rs GTK3 bindings - no longer maintained
The gtk-rs GTK3 bindings are no longer maintained. The maintainers have archived the repository, and added a note to the crate description and its README.md that the crates are no longer maintained. Please take a look at gtk4-rs instead...
RUSTSEC-2024-0420 gtk-rs GTK3 bindings - no longer maintained
The gtk-rs GTK3 bindings are no longer maintained. The maintainers have archived the repository, and added a note to the crate description and its README.md that the crates are no longer maintained. Please take a look at gtk4-rs instead...
gtk-rs GTK3 bindings - no longer maintained
The gtk-rs GTK3 bindings are no longer maintained. The maintainers have archived the repository, and added a note to the crate description and its README.md that the crates are no longer maintained. Please take a look at gtk4-rs instead...
RUSTSEC-2024-0414 gtk-rs GTK3 bindings - no longer maintained
The gtk-rs GTK3 bindings are no longer maintained. The maintainers have archived the repository, and added a note to the crate description and its README.md that the crates are no longer maintained. Please take a look at gtk4-rs instead...