
20 matches found

Source: Positive Technologies · Added 2026/03/27 12:00 a.m. · 1 view

PT-2026-28633

Name of the Vulnerable Software and Affected Versions: Varnish Cache versions prior to 8.0.1; Varnish Enterprise versions prior to 6.0.16r12. Description: The software may improperly handle URLs with a path of '/' for HTTP/1.1 in certain unchecked request URL scenarios. This could potentially lead to...

CVSS 5.4 · AI score 5.9 · EPSS 0.00067
Exploits 1 · References 3
Source: NVD · Added 2026/03/23 2:16 p.m. · 1 view

CVE-2026-33351

WWBN AVideo is an open source video platform. Prior to version 26.0, a Server-Side Request Forgery (SSRF) vulnerability exists in plugin/Live/standAloneFiles/saveDVR.json.php. When the AVideo Live plugin is deployed in standalone mode (the intended configuration for this file), the...

CVSS 9.1 · EPSS 0.00127
Exploits 1 · References 2
Source: Snyk · Added 2026/03/19 7:13 p.m. · 2 views

Server-side Request Forgery (SSRF)

Overview: wwbn/avideo is an Audio and Video Platform, or simply "A Video Platform". Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the webSiteRootURL parameter in the saveDVR.json.php endpoint. An attacker can cause the server to make arbitrary HTTP request...

CVSS 9.1 · AI score 5.9 · EPSS 0.00127
Exploits 1 · References 2
Source: OSV · Added 2025/10/06 8:15 a.m. · 0 views

UBUNTU-CVE-2025-59728

When calculating the content path in handling of MPEG-DASH manifests, there's an out-of-bounds NUL-byte write one byte past the end of the buffer. When we call xmlNodeGetContent below 0, it returns a buffer precisely allocated to match the string length, using strdup internally. If this buffer is...

CVSS 8.7 · AI score 6 · EPSS 0.00019
Exploits 0 · References 5
Source: OSV · Added 2025/08/01 2:44 p.m. · 1 view

SUSE-SU-2025:02592-1 Security update for cosign

This update for cosign fixes the following issues: Update to version 2.5.3 (jsc#SLE-23879): - CVE-2025-46569: Fixed OPA server Data API HTTP path injection of Rego (bsc#1246725). Changelog: Update to 2.5.3: - Add signing-config create command (#4280) - Allow multiple services to be specified for trusted-ro...

CVSS 7.4 · AI score 5.8 · EPSS 0.00064
Exploits 0 · References 3
Source: Positive Technologies · Added 2025/05/14 12:00 a.m. · 2 views

PT-2025-21172 · Itop · Itop

Name of the Vulnerable Software and Affected Versions: iTop versions prior to 3.2.1. Description: The issue is related to a regular expression denial of service (ReDoS) that may affect the iTop server under certain circumstances. The problem arises from the use of an affected variable in a regular...

CVSS 5.3 · AI score 6.5 · EPSS 0.00234
Exploits 0 · References 7
Source: PyPA · Added 2025/03/20 10:15 a.m. · 7 views

PYSEC-2025-11

A vulnerability in the KnowledgeBaseWebReader class of the run-llama/llamaindex repository, version latest, allows an attacker to cause a Denial of Service (DoS) by controlling a URL variable to contain the root URL. This leads to infinite recursive calls to the get_article_urls method, exhausting...

CVSS 5.9 · AI score 7 · EPSS 0.00351
Exploits 1 · References 2 · Affected Software 1
Source: Snyk · Added 2024/11/01 6:32 a.m. · 3 views

Race Condition

Overview: gradio is a Python library for easily interacting with trained machine learning models. Affected versions of this package are vulnerable to Race Condition due to improper isolation in the function update_root_in_config and route handlers that access and modify blocks.config. Attackers can explo...

CVSS 8.3 · AI score 6.9
Exploits 0 · References 3
Source: OSV · Added 2022/10/19 7:00 p.m. · 21 views

GHSA-PX4X-HJM5-W8X3 Content-Security-Policy protection for user content disabled by Jenkins XFramium Builder Plugin

Jenkins sets the Content-Security-Policy header to static files served by Jenkins (specifically DirectoryBrowserSupport), such as workspaces, /userContent, or archived artifacts, unless a Resource Root URL is specified. XFramium Builder Plugin 1.0.22 and earlier globally disables the...

CVSS 8.8 · AI score 4.6 · EPSS 0.01107
Exploits 0 · References 4
Source: OSV · Added 2022/10/19 7:00 p.m. · 27 views

GHSA-CVXJ-4745-843X Content-Security-Policy protection for user content disabled by Jenkins ScreenRecorder Plugin

Jenkins sets the Content-Security-Policy header to static files served by Jenkins (specifically DirectoryBrowserSupport), such as workspaces, /userContent, or archived artifacts, unless a Resource Root URL is specified. ScreenRecorder Plugin 0.7 and earlier programmatically updates the Java system...

CVSS 8 · AI score 4.7 · EPSS 0.01107
Exploits 0 · References 4
Source: Github Security Blog · Added 2022/10/19 7:00 p.m. · 25 views

Content-Security-Policy protection for user content disabled by Jenkins XFramium Builder Plugin

Jenkins sets the Content-Security-Policy header to static files served by Jenkins (specifically DirectoryBrowserSupport), such as workspaces, /userContent, or archived artifacts, unless a Resource Root URL is specified. XFramium Builder Plugin 1.0.22 and earlier globally disables the...

CVSS 4.3 · AI score 4.8 · EPSS 0.01107
Exploits 0 · References 4 · Affected Software 1
Source: Github Security Blog · Added 2022/10/19 7:00 p.m. · 25 views

Content-Security-Policy protection for user content disabled by Jenkins ScreenRecorder Plugin

Jenkins sets the Content-Security-Policy header to static files served by Jenkins (specifically DirectoryBrowserSupport), such as workspaces, /userContent, or archived artifacts, unless a Resource Root URL is specified. ScreenRecorder Plugin 0.7 and earlier programmatically updates the Java system...

CVSS 4.3 · AI score 4.9 · EPSS 0.01107
Exploits 0 · References 4 · Affected Software 1
Source: Github Security Blog · Added 2022/10/19 7:00 p.m. · 23 views

Content-Security-Policy protection for user content disabled by Jenkins NeuVector Vulnerability Scanner Plugin

Jenkins sets the Content-Security-Policy header to static files served by Jenkins (specifically DirectoryBrowserSupport), such as workspaces, /userContent, or archived artifacts, unless a Resource Root URL is specified. NeuVector Vulnerability Scanner Plugin 1.20 and earlier globally disables the...

CVSS 5.3 · AI score 5.3 · EPSS 0.01107
Exploits 0 · References 5 · Affected Software 1
Source: OSV · Added 2022/10/19 7:00 p.m. · 29 views

GHSA-7RRJ-HQV6-FVPP Content-Security-Policy protection for user content can be disabled in Jenkins 360 FireLine Plugin

Jenkins sets the Content-Security-Policy header to static files served by Jenkins (specifically DirectoryBrowserSupport), such as workspaces, /userContent, or archived artifacts, unless a Resource Root URL is specified. 360 FireLine Plugin 1.7.2 and earlier globally disables the...

CVSS 8 · AI score 5.2 · EPSS 0.01497
Exploits 0 · References 4
Source: Github Security Blog · Added 2022/10/19 7:00 p.m. · 33 views

Content-Security-Policy protection for user content can be disabled in Jenkins 360 FireLine Plugin

Jenkins sets the Content-Security-Policy header to static files served by Jenkins (specifically DirectoryBrowserSupport), such as workspaces, /userContent, or archived artifacts, unless a Resource Root URL is specified. 360 FireLine Plugin 1.7.2 and earlier globally disables the...

CVSS 5.3 · AI score 5.3 · EPSS 0.01497
Exploits 0 · References 4 · Affected Software 1
Source: Positive Technologies · Added 2022/10/19 12:00 a.m. · 1 view

PT-2022-26917 · Jenkins · Jenkins Screenrecorder Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins ScreenRecorder Plugin versions 0.7 and earlier. Description: The issue concerns the Jenkins ScreenRecorder Plugin, which programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived...

CVSS 8 · AI score 4.4 · EPSS 0.01107
Exploits 0 · References 6
Source: Github Security Blog · Added 2022/05/24 5:22 p.m. · 27 views

Content-Security-Policy protection for user content disabled by Jenkins ZAP Pipeline Plugin

Jenkins sets the Content-Security-Policy header to static files served by Jenkins (specifically DirectoryBrowserSupport), such as workspaces, /userContent, or archived artifacts. ZAP Pipeline Plugin prior to 1.10 globally disables the Content-Security-Policy header for static files served by Jenkin...

CVSS 5.4 · AI score 4.8 · EPSS 0.00121
Exploits 0 · References 5 · Affected Software 1
Source: OSV · Added 2022/05/24 5:22 p.m. · 17 views

GHSA-4C87-9XQ5-5C35 Content-Security-Policy protection for user content disabled by Jenkins ZAP Pipeline Plugin

Jenkins sets the Content-Security-Policy header to static files served by Jenkins (specifically DirectoryBrowserSupport), such as workspaces, /userContent, or archived artifacts. ZAP Pipeline Plugin prior to 1.10 globally disables the Content-Security-Policy header for static files served by Jenkin...

CVSS 5.4 · AI score 5.2 · EPSS 0.00121
Exploits 0 · References 5
Source: Hacker One · Added 2017/01/09 9:04 a.m. · 91 views

Starbucks: Open redirect / Reflected XSS payload in root that affects all your sites (store.starbucks.* / shop.starbucks.* / teavana.com)

Hello, during some open redirect testing, I noticed a very strange redirect that occurred when I modified a parameter using something like cofee. I dug further and then noticed that one can make a redirect by modifying GET parameters with this structure: //google.com...

AI score 0.3
Exploits 0
Source: seebug.org · Added 2013/04/25 12:00 a.m. · 20 views

EspCMS backend login bypass vulnerability, exploited again (again!)

Brief description: For the record, this vulnerability was submitted to the 360 vulnerability platform on 04/13, and the vendor fixed it on 04/22. What is being submitted to wooyun now is a way to bypass the vendor's fix and keep exploiting it. It could be considered bringing an old vulnerability back from the dead; it should not be counted as the same vulnerability submitted to two places, and I hope the relevant parties understand this, even though the code is very similar. Detailed description:...

AI score 7.1
Exploits 0