Unity Linux 20.1070a Security Update: tbb (UTSA-2026-021383)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021383 advisory. In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of...

CVE-2025-10930

Cross-Site Request Forgery CSRF vulnerability in Drupal Currency allows Cross Site Request Forgery.This issue affects Currency: from 0.0.0 before 3.5.0...

PT-2025-44358

Name of the Vulnerable Software and Affected Versions Drupal Currency versions prior to 3.5.0 Description A Cross-Site Request Forgery CSRF issue exists in Drupal Currency. This allows attackers to perform actions on behalf of authenticated users without their knowledge. CSRF occurs when a...

WeGIA SQL注入漏洞

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. An SQL injection vulnerability exists in WeGIA versions prior to 3.5.0 that stems from improper handling of the idproduto parameter in the control.php endpoint, which could lead to an SQL injection attack...

WordPress plugin Easy Digital Downloads 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in WordPre...

FreeRDP 安全漏洞

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. A security vulnerability existed prior to FreeRDP version 3.5.0, which stemmed from the vulnerability of FreeRDP-based clients to out-of-bounds reads. No details of the vulnerability are provided at...

WordPress Plugin Starbox Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

TYPO3 Security Vulnerabilities

TYPO3 is a free and open source content management system framework CMS/CMF from the TYPO3 Association in Switzerland. A security vulnerability exists in TYPO3 versions prior to 3.5.0 that stems from allowing cross-site scripting XSS attacks via component parameters...

PT-2023-33015 · Unknown · Kubernetes Client

Name of the Vulnerable Software and Affected Versions: Kubernetes client versions prior to 3.5.0 Description: The issue allows sensitive data from Secret resources to be logged into the debug log when debug logging is enabled via the DEBUG environment variable. This could expose sensitive...