12 matches found
EUVD-2026-9120
A vulnerability was detected in wren-lang wren up to 0.4.0. Affected is the function resolveLocal of the file src/vm/wrencompiler.c. The manipulation results in uncontrolled recursion. Attacking locally is a requirement. The exploit is now public and may be used. The project was informed of the...
CVE-2026-1175
A vulnerability was identified in birkir prime up to 0.4.0.beta.0. This impacts an unknown function of the file /graphql of the component GraphQL Directive Handler. Such manipulation leads to information exposure through error message. The attack may be performed from remote. The exploit is...
CVE-2025-57936 WordPress Subresource Integrity (SRI) Manager Plugin <= 0.4.0 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Meitar Subresource Integrity SRI Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Subresource Integrity SRI Manager: from n/a through 0.4.0...
2vyper (=0.3.0), ape-dasy (=0.1.0) +30 more potentially affected by CVE-2025-21607 via vyper (>=0.1.0b12 <=0.4.0)
vyper PYPI version =0.1.0b12, =0.7.1, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =0.1.0, =0.7.2, =0.1.10.0, =1.0.1, =0.1.0, =1.4.0, =1.20.7 and more Source cves: CVE-2025-21607 Source advisory: OSV:PYSEC-2025-33...
PT-2025-4296 · Vyper · Vyper
Name of the Vulnerable Software and Affected Versions: Vyper versions 0.2.0 through 0.4.0 Description: The Vyper Compiler has a vulnerability when using the precompiles EcRecover 0x1 and Identity 0x4, where the success flag of the call is not checked. This allows an attacker to provide a specific...
PT-2025-4574 · WordPress · Wpex Replace Db Urls
The vulnerable software is WPEX Replace DB Urls, developed by Detlef Stöver. The vulnerability is an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which allows Reflected XSS. This issue affects WPEX Replace DB Urls versions from n/a through...
2vyper (=0.3.0), ape-dasy (=0.1.0) +30 more potentially affected by CVE-2024-24567 via vyper (>=0.1.0b12 <=0.4.0)
vyper PYPI version =0.1.0b12, =0.7.1, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =0.1.0, =0.7.2, =0.1.10.0, =1.0.1, =0.1.0, =1.4.0, =1.20.7 and more Source cves: CVE-2024-24567 Source advisory: OSV:PYSEC-2024-151...
PT-2023-17049 · Sccache +2 · Sccache +2
Name of the Vulnerable Software and Affected Versions: sccache versions prior to 0.4.0 Description: The sccache client can execute arbitrary code with the privileges of a local sccache server by preloading the code in a shared library passed to LD PRELOAD. If the server is run as root, which is t...
GHSA-32GR-X76G-267W SQL injection in webbuilders-group silverstripe-kapost-bridge
A vulnerability was found in webbuilders-group silverstripe-kapost-bridge 0.3.3. It has been declared as critical. Affected by this vulnerability is the function index/getPreview of the file code/control/KapostService.php. The manipulation leads to sql injection. The attack can be launched...
PT-2023-10256 · Webbuilders · Silverstripe-Kapost-Bridge
Name of the Vulnerable Software and Affected Versions: webbuilders-group silverstripe-kapost-bridge version 0.3.3 Description: A critical issue has been found, affecting the index/getPreview function of the file code/control/KapostService.php. This issue leads to sql injection and can be launched...
PT-2022-24814 · Go-Cvss · Go-Cvss
Name of the Vulnerable Software and Affected Versions: go-cvss versions prior to v0.4.0 Description: The issue arises when a full CVSS v2.0 vector string is parsed using the ParseVector function, potentially leading to an Out-of-Bounds Read due to a lack of tests, causing the Go module to panic...
PT-2019-12928 · Parso +1 · Parso +1
Name of the Vulnerable Software and Affected Versions: parso versions through 0.4.0 Description: A deserialization vulnerability exists in the way parso handles grammar parsing from the cache. Cache loading relies on pickle, and if an evil pickle can be written to a cache grammar file and its...