CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: cilium-envoy-fips, flux-helm-controller, crossplane-function-environment-configs-fips, kubevirt-cdi-uploadserver-fips, gitlab-kas-fips, kargo, neuvector-dbgen, node-problem-detector-fips, nats-top, trivy-fips, certificate-transparency-fips, kubernetes-csi-driver-nfs,...

EUVD-2022-4708

Malicious code in bioql PyPI...

EUVD-2024-25124

Malicious code in bioql PyPI...

EUVD-2023-29397

Malicious code in bioql PyPI...

EUVD-2022-2658

Malicious code in bioql PyPI...

CVE-2025-47906 vulnerabilities

Vulnerabilities for packages: sftpgo-plugin-geoipfilter, custom-pod-autoscaler-operator, gitsign, k8sgpt-operator, confluent-common-docker, rancher-machine, bank-vaults, ctop, gostatsd, kube-vip-cloud-provider, container-object-storage-interface, cloud-provider-aws, grafana-operator, kube-vip,...

GHSA-GWRF-JF3H-W649 vulnerabilities

Vulnerabilities for packages: sftpgo-plugin-geoipfilter, custom-pod-autoscaler-operator, gitsign, k8sgpt-operator, confluent-common-docker, rancher-machine, bank-vaults, ctop, gostatsd, kube-vip-cloud-provider, container-object-storage-interface, cloud-provider-aws, grafana-operator, kube-vip,...

CVE-2025-6065

The Image Resizer On The Fly plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'delete' task in all versions up to, and including, 1.1. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which c...

CVE-2025-6065

The Image Resizer On The Fly plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'delete' task in all versions up to, and including, 1.1. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which c...

CVE-2025-6065 Image Resizer On The Fly <= 1.1 - Unauthenticated Arbitrary File Deletion

The Image Resizer On The Fly plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'delete' task in all versions up to, and including, 1.1. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which c...

WordPress Image Resizer On The Fly plugin <= 1.1 - Unauthenticated Arbitrary File Deletion vulnerability

Unauthenticated Arbitrary File Deletion vulnerability discovered by theviper17y in WordPress Plugin Image Resizer On The Fly versions = 1.1...

WordPress plugin Image Resizer On The Fly 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A path traversal vulnerability exists ...

PT-2025-25482 · WordPress · Image Resizer On The Fly

Name of the Vulnerable Software and Affected Versions: Image Resizer On The Fly plugin for WordPress versions up to, and including, 1.1 Description: The issue is related to insufficient file path validation in the 'delete' task, allowing unauthenticated attackers to delete arbitrary files on the...

CVE-2024-27950

Missing Authorization vulnerability in Sirv CDN and Image Hosting Sirv sirv.This issue affects Sirv: from n/a through = 7.2.0...

CVE-2023-25442

Auth. admin+ Stored Cross-site Scripting XSS vulnerability in Marcel Pol Zeno Font Resizer plugin = 1.7.9 versions...

CVE-2020-13458

An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action...

CVE-2020-13459

An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There is stored XSS in the Bulk Resize action...

CVE-2025-22871 vulnerabilities

Vulnerabilities for packages: kube-metrics-adapter, q, kubeadm-bootstrap-controller, sriov-network-device-plugin, docker-cli, nri-apache, nri-jmx, dagdotdev, addon-resizer, aws-flb-kinesis, grafana-mimir, envoy-gateway, wgcf, esbuild, slsa-verifier, kind, gotestsum, nri-elasticsearch, spqr,...

GHSA-G9PC-8G42-G6VQ vulnerabilities

Vulnerabilities for packages: kube-metrics-adapter, q, kubeadm-bootstrap-controller, sriov-network-device-plugin, docker-cli, nri-apache, nri-jmx, dagdotdev, addon-resizer, aws-flb-kinesis, grafana-mimir, envoy-gateway, wgcf, esbuild, slsa-verifier, kind, gotestsum, nri-elasticsearch, spqr,...

CVE-2025-22871 vulnerabilities

Vulnerabilities for packages: apache-beam-python-3.11-sdk, cilium-envoy-fips, flux-helm-controller, node-problem-detector-fips, neuvector-dbgen, trivy-fips, kubernetes-csi-driver-nfs, redka, rclone-fips, terraform, grype-fips, nri-consul, aws-flb-kinesis, amazon-k8s-cni-fips, docker-fips,...