@astralis-os/vitest (=2.4.1), @aws/nx-plugin (>=0.79.1 <=0.84.2) +75 more potentially affected by CVE-2026-47429 via vitest (>=4.0.13 <=4.0.9)

vitest NPM version =4.0.13, =0.79.1, =2.1.0-alpha.278, =2.1.0-alpha.278, =2.1.0-alpha.278, =2.1.0-alpha.278, =2.1.0-alpha.278, =4.0.0-alpha.31, =1.2.3-preview-a960555.0, =7.2.0, =11.0.33, =21.0.0-alpha.33, =23.0.0-alpha.1 - @forsakringskassan/vitest-config =1.1.0 and more Source cves:...

CVE-2024-31088

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WPShop.Ru AdsPlace'r – Ad Manager, Inserter, AdSense Ads allows DOM-Based XSS.This issue affects AdsPlace'r – Ad Manager, Inserter, AdSense Ads: from n/a through 1.1.5...

EUVD-2024-28999

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WPShop.Ru AdsPlace'r – Ad Manager, Inserter, AdSense Ads allows DOM-Based XSS.This issue affects AdsPlace'r – Ad Manager, Inserter, AdSense Ads: from n/a through 1.1.5...

EUVD-2025-143177

Malicious code in budi-kontol-ru npm...

EUVD-2025-136964

Malicious code in rusdi-set-ru npm...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990255)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990255 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: handle 2x996 RU allocation in cfg80211calculatebitratehe Currently...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989972)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989972 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: handle 2x996 RU allocation in cfg80211calculatebitratehe Currently...

EUVD-2024-45094

Malicious code in bioql PyPI...

EUVD-2023-29017

Malicious code in bioql PyPI...

Malicious code in @zalastax/nolb-react-ru (npm)

The package @zalastax/nolb-react-ru was found to contain malicious code...

MAL-2025-13748 Malicious code in @zalastax/nolb-react-ru (npm)

The package @zalastax/nolb-react-ru was found to contain malicious code...

elibrary.ru Cross Site Scripting vulnerability OBB-4043140

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

oskol.ret.ru Cross Site Scripting vulnerability OBB-4033162

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2024-50522

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in redyyu WeChat Subscribers Lite wechat-subscribers-lite allows Reflected XSS.This issue affects WeChat Subscribers Lite : from n/a through = 1.6.6...

CVE-2024-50522 WordPress WeChat Subscribers Lite plugin <= 1.6.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in redyyu WeChat Subscribers Lite wechat-subscribers-lite allows Reflected XSS.This issue affects WeChat Subscribers Lite : from n/a through = 1.6.6...

CVE-2024-50522

CVE-2024-50522 affects WordPress plugin WeChat Subscribers Lite (WeChat Subscribers Lite) up to version 1.6.6. The vulnerability is a Reflected Cross-Site Scripting (XSS) due to improper input neutralization during web page generation. Public docs confirm the affected software and vulnerability t...

NETGEAR R7000P 安全漏洞

The NETGEAR R7000P is a wireless router from NETGEAR. A buffer overflow vulnerability exists in NETGEAR R7000P v1.3.3.154, which originates from the pptpusernetmask parameter in the ruwanflow.cgi component that fails to correctly validate the length of the input data, and can be exploited by a...

CVE-2024-49620

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Naudin Vladimir FERMA.Ru.Net allows Blind SQL Injection.This issue affects FERMA.Ru.Net: from n/a through 1.3.3...

PT-2024-33575 · Unknown · Ferma.Ru.Net

Name of the Vulnerable Software and Affected Versions: FERMA.Ru.Net versions 1.3.3 and earlier Description: The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, due to the improper neutralization of special elements used in an SQL command. This allows an...

openSUSE: Security Advisory for roundcubemail(SUSE-RU-2024:2017-1)

The remote host is missing an update for the roundcubemail packages announced via the SUSE-RU-2024:2017-1 advisory. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...