ROOT-APP-PYPI-CVE-2023-43804 CVE-2023-43804 in rootio-urllib3 - Patched by Root
Root has patched CVE-2023-43804 in the rootio-urllib3 package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-66471 CVE-2025-66471 in rootio-urllib3 - Patched by Root
Root has patched CVE-2025-66471 in the rootio-urllib3 package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2023-45803 CVE-2023-45803 in rootio-urllib3 - Patched by Root
Root has patched CVE-2023-45803 in the rootio-urllib3 package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2020-26137 CVE-2020-26137 in rootio-urllib3 - Patched by Root
Root has patched CVE-2020-26137 in the rootio-urllib3 package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2023-20860 CVE-2023-20860 in io.root.org.springframework:spring-webmvc - Patched by Root
Root has patched CVE-2023-20860 in the io.root.org.springframework:spring-webmvc package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2024-22262 CVE-2024-22262 in io.root.org.springframework:spring-web - Patched by Root
Root has patched CVE-2024-22262 in the io.root.org.springframework:spring-web package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2016-1000027 CVE-2016-1000027 in io.root.org.springframework:spring-web - Patched by Root
Root has patched CVE-2016-1000027 in the io.root.org.springframework:spring-web package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-22741 CVE-2026-22741 in io.root.org.springframework:spring-webmvc - Patched by Root
Root has patched CVE-2026-22741 in the io.root.org.springframework:spring-webmvc package for Root:Maven. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-53643 CVE-2025-53643 in rootio-aiohttp - Patched by Root
Root has patched CVE-2025-53643 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-NPM-GHSA-Q4GF-8MX6-V5V3 GHSA-q4gf-8mx6-v5v3 in @rootio/next - Patched by Root
Root has patched GHSA-q4gf-8mx6-v5v3 in the @rootio/next package for Root:npm. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2025-69534 CVE-2025-69534 in rootio-python3.9 - Patched by Root
Root has patched CVE-2025-69534 in the rootio-python3.9 package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-3479 CVE-2026-3479 in rootio-python3.9 - Patched by Root
Root has patched CVE-2026-3479 in the rootio-python3.9 package for Root:Debian:11. Multiple fixed versions available...
Chamilo Command Injection
A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name. id: CVE-2023-34960 info: name: Chamilo Command Injection author: DhiyaneshDK severity: critical...
Apache Superset - Authentication Bypass
Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset...
Citrix ShareFile StorageZones Controller - Unauthenticated Remote Code Execution
A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller. id: CVE-2023-24489 info: name: Citrix ShareFile StorageZones...
Atlassian Confluence Download Attachments - Remote Code Execution
Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has 'Admin' permissions for a space can exploit this pat...
OpenAI Expands Daybreak With GPT-5.5-Cyber to Help Defenders Patch Security Flaws
OpenAI on Monday said it's releasing an improved version of its GPT‑5.5‑Cyber model to trusted defenders as part of the Daybreak initiative the artificial intelligence (AI) company announced last month. Calling GPT‑5.5‑Cyber its "strongest model yet for finding and helping patch software...
PT-2026-51625
Name of the Vulnerable Software and Affected Versions: Gogs (affected versions not specified); Gitea (affected versions not specified). Description: A stored DOM-based Cross-Site Scripting (XSS) issue exists where an attacker can store an HTML or JavaScript payload in a milestone name. When a user opens th...
PT-2026-51521
Name of the Vulnerable Software and Affected Versions: FOSSBilling versions 0.5.4 through 0.7.x. Description: An authorization bypass in the API role handling allows unauthenticated access to privileged '/api/system/' endpoints. Because system resolves to the cron admin identity, attackers can invok...
Linux Distros Unpatched Vulnerability : CVE-2026-53540
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.31, parse_form did not validate the Content-Length header before using it to bound its...