14 matches found
LoLLMs Security Vulnerability
LoLLMs is a large language and multimodal system personally developed by Saifeddine ALOUI. Versions of LoLLMs prior to 2.2.0 contained a security vulnerability. This vulnerability stemmed from the createpost function not properly sanitizing user-provided content, which could lead to...
CVE-2026-21419
Dell Display and Peripheral Manager Windows versions prior to 2.2 contain an Improper Link Resolution Before File Access 'Link Following' vulnerability in the Installer and Service. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of...
CVE-2025-68931
Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, AES/CBC/PKCS5Padding lacks authentication, making it vulnerable to padding oracle attacks and ciphertext manipulation. This vulnerability is fixed in 2.2...
Linux Distros Unpatched Vulnerability : CVE-2023-0770
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2. CVE-2023-0770 Note that Nessus relies on the presence of the package as reported by the...
PT-2024-15017
Name of the Vulnerable Software and Affected Versions: FastDup WordPress plugin versions prior to 2.2 Description: The issue concerns the FastDup WordPress plugin, which does not prevent directory listing in sensitive directories containing export files. This could potentially expose sensitive...
PT-2023-31326 · WordPress · Spoonthemes Couponis
Name of the Vulnerable Software and Affected Versions: Spoonthemes Couponis - Affiliate & Submitting Coupons WordPress Theme versions prior to 2.2 Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as 'SQL Injection'. This allows...
PT-2023-29025 · WordPress · Eventon
Name of the Vulnerable Software and Affected Versions: EventON WordPress plugin versions prior to 2.2 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered_html capability is disallowed, for example in multisit...
Schneider Electric EcoStruxure Cybersecurity Admin Expert Security Vulnerability
Schneider Electric EcoStruxure Cybersecurity Admin Expert (EcoStruxure CAE) is a cybersecurity administration expert from Schneider Electric, France. A security vulnerability exists in versions of Schneider Electric EcoStruxure Cybersecurity Admin Expert prior to 2.2, which stems...
NFLPick-Em.com SQL Injection Vulnerability
NFLPick-Em.com is a dice rolling game by ummmmm individual developers. A SQL injection vulnerability exists in versions of NFLPick-Em.com prior to 2.2.x. The vulnerability originates in the function LoadUsers in the file html/includes/runtime/admin/JSON/LoadUsers.php, where manipulation of the...
WordPress plugin AdminPad Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...
Aaron Crawford OpenRepeater Operating System Command Injection Vulnerability
Aaron Crawford OpenRepeater is an application by Aaron Crawford, an individual developer in the United States. It provides a home for updating and sharing code. An operating system command injection vulnerability exists in OpenRepeater. The vulnerability stems from allowing shell meta-commands to...
CVE-2018-9137
Open-AudIT before 2.2 has CSV Injection...
Mozilla Firefox OS Security Mechanism Bypass Vulnerability
Firefox OS is an open source mobile operating system with a Linux kernel for smartphones. A security vulnerability exists in Mozilla Firefox OS versions prior to 2.2. It could allow an attacker in close physical proximity to access the UMS media volume via the usb interface, bypassing the passwor...
PT-2014-5446 · Red Hat · Red Hat Openshift Enterprise
Name of the Vulnerable Software and Affected Versions: Red Hat OpenShift Enterprise versions prior to 2.2 Description: The issue allows remote attackers to access the network resources of arbitrary gears via unspecified vectors due to improper access restriction to gears. Recommendations: For...