545 matches found
[SECURITY] Fedora 44 Update: perl-Dist-Build-0.028-1.fc44
Dist::Build is a Build.PL implementation. Unlike Module::Build::Tiny it is extensible, unlike Module::Build it uses a build graph internally which makes it easy to combine different customizations. It's typically extended by adding a .pl script in planner/...
[SECURITY] Fedora 43 Update: perl-Dist-Build-0.028-1.fc43
Dist::Build is a Build.PL implementation. Unlike Module::Build::Tiny it is extensible, unlike Module::Build it uses a build graph internally which makes it easy to combine different customizations. It's typically extended by adding a .pl script in planner/...
CVE-2026-28116
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Emilia Projects Progress Planner allows Stored XSS. This issue affects Progress Planner: from n/a through 1.9.0...
CVE-2026-28116 WordPress Progress Planner plugin <= 1.9.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Emilia Projects Progress Planner allows Stored XSS. This issue affects Progress Planner: from n/a through 1.9.0...
CVE-2026-28116
CVE-2026-28116 affects the WordPress Progress Planner plugin up to version 1.9.0. The issue is a Stored XSS due to improper neutralization of input during web page generation. Under CVSS 3.1, the impact is Low for confidentiality, integrity, and availability, with a Network attack vector, Low att...
CVE-2026-28116
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Emilia Projects Progress Planner allows Stored XSS. This issue affects Progress Planner: from n/a through 1.9.0...
EUVD-2026-33929
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Emilia Projects Progress Planner allows Stored XSS. This issue affects Progress Planner: from n/a through 1.9.0...
CVE-2026-28116 WordPress Progress Planner plugin <= 1.9.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Emilia Projects Progress Planner allows Stored XSS. This issue affects Progress Planner: from n/a through 1.9.0...
WordPress Progress Planner plugin <= 1.9.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by hongdo in WordPress Plugin Progress Planner versions = 1.9.0...
PT-2026-45748
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Emilia Projects Progress Planner allows Stored XSS. This issue affects Progress Planner: from n/a through 1.9.0...
CVE-2026-45410
TREK is a collaborative travel planner. Prior to 3.0.18, early return on missing user during login flow allowed an attacker to enumerate valid user accounts via response timing discrepancy. When an email address existed in the database, the backend performed a bcrypt password comparison before...
PwnGPT-Automation
PwnGPT Caputre the flag with Large Language Models. Constructe...
GenAI-Driven Threat Detection with Microsoft Security Copilot
Defending against today's increasingly sophisticated cyberattacks requires security analysts to continuously translate evolving attacker tradecraft into detection logic. This places defenders in a reactive posture, requiring constantly updated expertise across an increasingly fragmented security...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the SQL code generation process. An attacker can execute arbitrary code on TaskManagers by submitting specially crafted SQL queries that exploit improper escaping of user-controlled strings in generated Java...
CVE-2026-40185
TREK is a collaborative travel planner. Prior to 2.7.2, TREK was missing authorization checks on the Immich trip photo management routes. This vulnerability is fixed in 2.7.2...
CVE-2026-40184
TREK is a collaborative travel planner. Prior to 2.7.2, TREK served uploaded photos without requiring authentication. This vulnerability is fixed in 2.7.2...
CVE-2026-40184
TREK is a collaborative travel planner. Prior to 2.7.2, TREK served uploaded photos without requiring authentication. This vulnerability is fixed in 2.7.2...
CVE-2026-40185
TREK is a collaborative travel planner. Prior to 2.7.2, TREK was missing authorization checks on the Immich trip photo management routes. This vulnerability is fixed in 2.7.2...
EUVD-2026-21587
TREK is a collaborative travel planner. Prior to 2.7.2, TREK was missing authorization checks on the Immich trip photo management routes. This vulnerability is fixed in 2.7.2...
CVE-2026-40185 Missing Authorization on Immich Trip Photo Routes in TREK
TREK is a collaborative travel planner. Prior to 2.7.2, TREK was missing authorization checks on the Immich trip photo management routes. This vulnerability is fixed in 2.7.2...