CVE-2020-15244

In Magento rubygems openmage/magento-lts package before versions 19.4.8 and 20.0.4, an admin user can generate soap credentials that can be used to trigger RCE via PHP Object Injection through product attributes and a product. The issue is patched in versions 19.4.8 and 20.0.4...

CVE-2020-11011

In Phproject before version 1.7.8, there's a vulnerability which allows users with access to file uploads to execute arbitrary code. This is patched in version 1.7.8...

CVE-2020-26263

tlslite-ng is an open source python library that implements SSL and TLS cryptographic protocols. In tlslite-ng before versions 0.7.6 and 0.8.0-alpha39, the code that performs decryption and padding check in RSA PKCS1 v1.5 decryption is data dependant. In particular, the code has multiple ways in...

CVE-2020-26261

jupyterhub-systemdspawner enables JupyterHub to spawn single-user notebook servers using systemd. In jupyterhub-systemdspawner before version 0.15 user API tokens issued to single-user servers are specified in the environment of systemd units. These tokens are incorrectly accessible to all users...

CVE-2020-26295

OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, an administrator with permission to import/export data and to edit cms pages was able to inject an executable file on the server via layout xml. The latest OpenMage Versions up from 19.4.9 an...

CVE-2020-26282

BrowserUp Proxy allows you to manipulate HTTP requests and responses, capture HTTP content, and export performance data as a HAR file. BrowserUp Proxy works well as a standalone proxy server, but it is especially useful when embedded in Selenium tests. A Server-Side Template Injection was...

CVE-2024-43789

Discourse is an open source platform for community discussion. A user can create a post with many replies, and then attempt to fetch them all at once. This can potentially reduce the availability of a Discourse instance. This problem has been patched in the latest version of Discourse. All users...

CVE-2024-52807

The HL7 FHIR IG publisher is a tool to take a set of inputs and create a standard FHIR IG. Prior to version 1.7.4, XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from...

CVE-2024-7781

The Jupiter X Core plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 4.7.5. This is due to improper authentication via the Social Login widget. This makes it possible for unauthenticated attackers to log in as the first user to have logged in with a...

CVE-2024-7884

When a canister method is called via iccdk::call , a new Future CallFuture is created and can be awaited by the caller to get the execution result. Internally, the state of the Future is tracked and stored in a struct called CallFutureState. A bug in the polling implementation of the CallFuture...

CVE-2024-21633

Apktool is a tool for reverse engineering Android APK files. In versions 2.9.1 and prior, Apktool infers resource files' output path according to their resource names which can be manipulated by attacker to place files at desired location on the system Apktool runs on. Affected environments are...

CVE-2024-21627

PrestaShop is an open-source e-commerce platform. Prior to versions 8.1.3 and 1.7.8.11, some event attributes are not detected by the isCleanHTML method. Some modules using the isCleanHTML method could be vulnerable to cross-site scripting. Versions 8.1.3 and 1.7.8.11 contain a patch for this...

CVE-2024-28855

ZITADEL, open source authentication management software, uses Go templates to render the login UI. Due to a improper use of the text/template instead of the html/template package, the Login UI did not sanitize input parameters prior to versions 2.47.3, 2.46.1, 2.45.1, 2.44.3, 2.43.9, 2.42.15, and...

CVE-2024-35237

MIT IdentiBot is an open-source Discord bot written in Node.js that verifies individuals' affiliations with MIT, grants them roles in a Discord server, and stores information about them in a database backend. A vulnerability that exists prior to commit 48e3e5e7ead6777fa75d57c7711c8e55b501c24e...

CVE-2025-24964

Vitest CVE-2025-24964 is a remotely exploitable CSWSH (Cross-site WebSocket hijacking) vulnerability in the Vitest API server when api is enabled. The WebSocket server did not validate Origin or enforce authorization, exposing saveTestFile (edits test files) and rerun (executes tests) APIs. An at...

ZX Allows Environment Variable Injection for dotenv API

Impact This vulnerability is an Environment Variable Injection issue in dotenv.stringify, affecting google/zx version 8.3.1. An attacker with control over environment variable values can inject unintended environment variables into process.env. This can lead to arbitrary command execution or...

CVE-2025-24371

CometBFT is a distributed, Byzantine fault-tolerant, deterministic state machine replication engine. In the blocksync protocol peers send their base and latest heights when they connect to a new node A, which is syncing to the tip of a network. base acts as a lower ground and informs A that the...

WildFly improper RBAC permission

A flaw was found in the Wildfly Server Role Based Access Control RBAC provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor ro...

PT-2025-1796 · WordPress · Drag/Drop Multiple File Upload – Contact Form 7

Name of the Vulnerable Software and Affected Versions: Drag and Drop Multiple File Upload – Contact Form 7 plugin for WordPress versions up to, and including, 1.3.8.5 Description: The issue is related to insufficient file path validation in the dnd codedropz upload delete function, allowing...

Security update for SDL2_sound (important)

openSUSE Security Update: Security update for SDL2sound Announcement ID: openSUSE-SU-2025:0037-1 Rating: important References: 1216478 Cross-References: CVE-2023-45676 CVE-2023-45677 CVE-2023-45679 CVE-2023-45680 CVE-2023-45681 CVE-2023-45682 Affected Products: openSUSE Backports SLE-15-SP6 An...