109 matches found
CVE-2025-9036
Rockwell Automation FactoryTalk Action Manager (v1.0.0 Runtime) is affected by a vulnerability in its runtime event system that permits unauthenticated local access to a reusable API token. The token is broadcast over a WebSocket and can be intercepted by any local client listening on the connect...
CVE-2025-9036 Rockwell Automation FactoryTalk® Action Manager v1.0.0 Runtime Vulnerability
A security issue in the runtime event system allows unauthenticated connections to receive a reusable API token. This token is broadcasted over a WebSocket and can be intercepted by any local client listening on the connection...
PT-2025-33277 · Unknown · Runtime Event System
Name of the Vulnerable Software and Affected Versions: runtime event system affected versions not specified Description: A security issue in the runtime event system allows unauthenticated connections to receive a reusable API token. This token is broadcasted over a WebSocket and can be intercept...
CVE-2023-27611
Cross-Site Request Forgery CSRF vulnerability in audrasjb Reusable Blocks Extended plugin = 0.9 versions...
CVE-2023-5745
The Reusable Text Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'text-blocks' shortcode in versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...
CVE-2022-45292
User invites for Funkwhale v1.2.8 do not permanently expire after being used for signup and can be used again after an account has been deleted...
ZITADEL 安全漏洞
ZITADEL is a modern open source alternative to Auth0, Firebase Auth, AWS Cognito, and Keycloak built for the container and serverless era, open sourced by ZITADEL in Switzerland. A security vulnerability exists in ZITADEL versions prior to 3.0.0, prior to 2.71.9, and prior to 2.70.10, which stems...
Ash Authentication 安全漏洞
Ash Authentication is an Ash authentication framework open-sourced by Alembic. A security vulnerability exists in Ash Authentication versions prior to 4.1.0 through 4.4.9, which stems from the presence of a token validation flaw that can lead to reusable magic link tokens...
CVE-2022-39326
kartverket/github-workflows are shared reusable workflows for GitHub Actions. Prior to version 2.7.5, all users of the run-terraform reusable workflow from the kartverket/github-workflows repo are affected by a code injection vulnerability. A malicious actor could potentially send a PR with a...
Friday Squid Blogging: Cotton-and-Squid-Bone Sponge
News: A sponge made of cotton and squid bone that has absorbed about 99.9% of microplastics in water samples in China could provide an elusive answer to ubiquitous microplastic pollution in water across the globe, a new report suggests. … The study tested the material in an irrigation ditch, a...
[SECURITY] Fedora 40 Update: rust-tower-0.5.1-1.fc40
Tower is a library of modular and reusable components for building robust clients and servers...
[SECURITY] Fedora 39 Update: rust-tower0.4-0.4.13-1.fc39
Tower is a library of modular and reusable components for building robust clients and servers...
[SECURITY] Fedora 39 Update: rust-tower-0.5.1-1.fc39
Tower is a library of modular and reusable components for building robust clients and servers...
[SECURITY] Fedora 41 Update: rust-tower-0.5.1-1.fc41
Tower is a library of modular and reusable components for building robust clients and servers...
Resource Leakage
github.com/apache/incubator-answer is vulnerable to Resource Leakage. The vulnerability is due to improper management of the password reset link's validity, allowing it to remain active and reusable even after it has been used...
[SECURITY] Fedora 40 Update: xmlgraphics-commons-2.9-3.fc40
Apache XML Graphics Commons is a library that consists of several reusable components used by Apache Batik and Apache FOP. Many of these components can easily be used separately outside the domains of SVG and XSL-FO. You will find components such as a PDF library, an RTF library, Graphics2D...
[SECURITY] Fedora 40 Update: plexus-utils-3.5.1-8.fc40
The Plexus project seeks to create end-to-end developer tools for writing applications. At the core is the container, which can be embedded or for a full scale application server. There are many reusable components for hibernate, form processing, jndi, i18n, velocity, etc. Plexus also includes an...
[SECURITY] Fedora 40 Update: plexus-resources-1.3.0-4.fc40
The Plexus project seeks to create end-to-end developer tools for writing applications. At the core is the container, which can be embedded or for a full scale application server. There are many reusable components for hibernate, form processing, jndi, i18n, velocity, etc. Plexus also includes an...
[SECURITY] Fedora 40 Update: plexus-containers-2.2.0-3.fc40
The Plexus project seeks to create end-to-end developer tools for writing applications. At the core is the container, which can be embedded or for a full scale application server. There are many reusable components for hibernate, form processing, jndi, i18n, velocity, etc. Plexus also includes an...
[SECURITY] Fedora 40 Update: plexus-i18n-1.0-0.31.b10.4.fc40
The Plexus project seeks to create end-to-end developer tools for writing applications. At the core is the container, which can be embedded or for a full scale application server. There are many reusable components for hibernate, form processing, jndi, i18n, velocity, etc. Plexus also includes an...