25 matches found
PT-2026-33039
Name of the Vulnerable Software and Affected Versions: Magazine Blocks versions prior to 1.8.4 Description: BlockArt Magazine Blocks contains a missing authorization flaw that allows the exploitation of incorrectly configured access control security levels. Recommendations: Update to a version later...
CVE-2024-34793
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kharim Tomlinson WP Next Post Navi allows Stored XSS. This issue affects WP Next Post Navi: from n/a through 1.8.3...
CVE-2025-62126
CVE-2025-62126 affects Varnish/Nginx Proxy Caching (versions from n/a up to 1.8.3). Root cause: Insertion of Sensitive Information Into Sent Data, enabling exposure of embedded sensitive data via the proxy. Impact: sensitive information exposure via cached responses. Exploit details are not provi...
WordPress Alt Text Generator AI plugin <= 1.8.3 - Missing Authorization to Authenticated (Subscriber+) API Key Deletion vulnerability
Missing Authorization to Authenticated (Subscriber+) API Key Deletion vulnerability discovered by Legion Hunter in WordPress Plugin Alt Text Generator AI versions <= 1.8.3...
EUVD-2025-36040
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maarten Links shortcode links-shortcode allows Stored XSS. This issue affects Links shortcode: from n/a through <= 1.8.3...
CVE-2025-62898 WordPress Links shortcode plugin <= 1.8.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maarten Links shortcode links-shortcode allows Stored XSS. This issue affects Links shortcode: from n/a through <= 1.8.3...
EUVD-2010-1352
Malware in sbrugna...
EUVD-2023-29158
Malicious code in bioql PyPI...
CVE-2024-56323 OpenFGA Authorization Bypass
OpenFGA is an authorization/permission engine. OpenFGA v1.3.8 to v1.8.2 (Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2) are vulnerable to authorization bypass under the following conditions: 1. calling Check API or ListObjects with a model that uses conditions, and 2...
WordPress WP Next Post Navi plugin <= 1.8.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by alfido osdie Patchstack Alliance in WordPress Plugin WP Next Post Navi versions <= 1.8.3...
CVE-2023-5335
The Buzzsprout Podcasting plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'buzzsprout' shortcode in versions up to, and including, 1.8.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...
Apache Fineract SQL injection vulnerability
Apache Fineract is an open source digital financial services platform from the Apache Foundation. The platform can provide users with data management, loan and savings portfolio management and real-time financial data and other features. Apache Fineract versions 1.4 to 1.8.3 have a SQL injection...
10.30.npm-learning (>=1.0.0 <=1.1.0), 2017_node (=1.0.0) +3306 more potentially affected by CVE-2023-26116 via angular (>=1.2.27 <=1.8.3)
angular NPM version =1.2.27, =1.0.0, =4.13.7-rc4, =1.103.1, =1.103.1, =1.102.4, =1.102.3, =1.102.3, =1.4.156, =1.0.3, =1.0.0, =1.0.0, =0.5.0, =0.5.2 and more Source cves: CVE-2023-26116 Source advisory: SNYK:JS-ANGULAR-3373044...
CVE-2023-1270 Cross-site Scripting in btcpayserver/btcpayserver
Cross-site Scripting in GitHub repository btcpayserver/btcpayserver prior to 1.8.3...
PT-2023-16851 · Unknown · Btcpay Server
Name of the Vulnerable Software and Affected Versions: btcpayserver/btcpayserver versions prior to 1.8.3 Description: The issue concerns Cross-site Scripting and Command Injection in the GitHub repository btcpayserver/btcpayserver. Recommendations: For versions prior to 1.8.3, update to version...
SUSE CVE-2018-20179
rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function lspci_process and results in memory corruption and probably even a remote code execution...
PT-2022-27427 · Slixmpp +1 · Slixmpp +1
Name of the Vulnerable Software and Affected Versions: Slixmpp versions prior to 1.8.3 Description: The issue lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp. Recommendations: For versions prior to 1.8.3, update to version...
CVE-2022-2930
Unverified Password Change in GitHub repository octoprint/octoprint prior to 1.8.3...
PT-2022-12972
Name of the Vulnerable Software and Affected Versions: YOURLS versions prior to 1.8.3 Description: The issue is related to Cross-Site Request Forgery (CSRF) in the YOURLS repository. This allows an attacker to perform unintended actions on a user's account. Recommendations: For versions prior to 1.8.3...
PT-2021-6714 · Libsixel +1 · Libsixel +1
Name of the Vulnerable Software and Affected Versions: Libsixel versions prior to 1.8.3 Description: The issue is related to a stack buffer overflow in the gif_process_raster function at fromgif.c, which can be exploited by a remote attacker to cause a denial of service. Recommendations: For...