5 matches found
EUVD-2026-36442
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, Symbol.for override in setup-sandbox.js only intercepts 2 of 9 dangerous Node.js cross-realm symbols. Combined with the bridge's set/defineProperty/deleteProperty traps having no isDangerousCrossRealmSymbol key check, sandbox...
CVE-2025-67221
The orjson.dumps function in orjson thru 3.11.4 does not limit recursion for deeply nested JSON documents...
WordPress BMLT WordPress Plugin plugin <= 3.11.4 - Cross-Site Request Forgery to Settings Creation and Deletion vulnerability
Cross-Site Request Forgery to Settings Creation and Deletion vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin BMLT WordPress Plugin versions = 3.11.4...
TencentOS Server 2: unbound (TSSA-2023:0126)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0126 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
Dell SupportAssist for Home PCs 信任管理问题漏洞
Dell SupportAssist for Home PCs is a client application for home computers from Dell USA. The program provides automated, proactive and predictive techniques for troubleshooting and more. A security vulnerability exists in Dell SupportAssist for Home PCs version 3.11.4 and prior versions, which...