6 matches found
CVE-2025-64321
Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files. This issue affects Agentforce Vibes Extension: before 3.3.0...
EUVD-2025-26231
Malicious code in bioql PyPI...
Open Journal Systems Cross-Site Request Forgery Vulnerability
Open Journal Systems (OJS) is an open source system for managing peer-reviewed academic journals. A cross-site request forgery (CSRF) vulnerability exists in Open Journal Systems versions prior to 3.3.0-16 that stems from the presence of a cross-site request forgery CSRF vulnerability...
CVE-2022-1964
The Easy SVG Support WordPress plugin before 3.3.0 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...
CVE-2022-24433
The package simple-git before 3.3.0 is vulnerable to Command Injection via argument injection. When calling the .fetch(remote, branch, handlerFn) function, both the remote and branch parameters are passed to the git fetch subcommand. By injecting some git options it was possible to get arbitrary...
Unspecified Vulnerability in Mattermost Server (CNVD-2020-35455)
Mattermost Server is an open source messaging platform from the United States company Mattermost. A security vulnerability exists in Mattermost Server versions prior to 3.3.0. An attacker could exploit the vulnerability by using the WebSocket feature to send a pop-up message to a user or change...