4328 matches found

RedhatCVE
added 2026/01/09 10:6 a.m. | 6 views

CVE-2019-20220

In Support Incident Tracker SiT! 3.67, the searchid parameter in the searchincidentsadvanced.php page is affected by XSS...

CVSS 6.1 | AI score 6.9 | EPSS 0.00668
Exploits: 1 | References: 1
RedhatCVE
added 2026/01/09 10:5 a.m. | 5 views

CVE-2019-20222

In Support Incident Tracker SiT! 3.67, the Short Application Name and Application Name inputs in the config.php page are affected by XSS...

CVSS 6.1 | AI score 6.9 | EPSS 0.00668
Exploits: 1 | References: 1
RedhatCVE
added 2026/01/09 9:53 a.m. | 11 views

CVE-2020-10107

PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS, as demonstrated by the ExpenseItem or ExpenseCost parameter in manage-expense.php...

CVSS 5.4 | AI score 6.7 | EPSS 0.00531
Exploits: 1 | References: 1
RedhatCVE
added 2026/01/09 9:28 a.m. | 7 views

CVE-2023-49152

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Labs64 Credit Tracker allows Stored XSS. This issue affects Credit Tracker: from n/a through 1.1.17...

CVSS 6.5 | AI score 6.7 | EPSS 0.00385
Exploits: 0 | References: 1
RedhatCVE
added 2026/01/09 9:17 a.m. | 5 views

CVE-2025-23892

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Furr Progress Tracker progress-tracker allows DOM-Based XSS. This issue affects Progress Tracker: from n/a through <= 0.9.3...

CVSS 6.5 | AI score 7.2 | EPSS 0.00357
Exploits: 0 | References: 1
RedhatCVE
added 2026/01/09 8:35 a.m. | 18 views

CVE-2024-34077

MantisBT Mantis Bug Tracker is an open source issue tracker. Insufficient access control in the registration and password reset process allows an attacker to reset another user's password and take over their account, if the victim has an incomplete request pending. The exploit is only possible whi...

CVSS 7.3 | AI score 6.6 | EPSS 0.01186
Exploits: 1 | References: 1
OSV
added 2026/01/07 3:28 p.m. | 13 views

CLSA-2026-1767799681 expat: Fix of 3 CVEs

Rebase to version 2.5.0 - CVE-2024-28757: prevent billion laughs attacks in isolated external parser part of 839, reject direct parameter entity recursion part of 839 - CVE-2025-59375: fix memory amplification and add allocation tracker - CVE-2013-0340: properly handle entities expansion...

CVSS 7.5 | AI score 6.7 | EPSS 0.19433
Exploits: 3 | References: 1
OSV
added 2026/01/07 3:17 p.m. | 9 views

CLSA-2026-1767799061 expat: Fix of 3 CVEs

Rebase to version 2.5.0 - CVE-2024-28757: prevent billion laughs attacks in isolated external parser part of 839, reject direct parameter entity recursion part of 839 - CVE-2025-59375: fix memory amplification and add allocation tracker - CVE-2013-0340: properly handle entities expansion...

CVSS 7.5 | AI score 6.8 | EPSS 0.19433
Exploits: 3 | References: 1
OSV
added 2026/01/07 3:12 p.m. | 11 views

CLSA-2026-1767798754 expat: Fix of 3 CVEs

Rebase to version 2.5.0 - CVE-2024-28757: prevent billion laughs attacks in isolated external parser part of 839, reject direct parameter entity recursion part of 839 - CVE-2025-59375: fix memory amplification and add allocation tracker - CVE-2013-0340: properly handle entities expansion...

CVSS 7.5 | AI score 6.7 | EPSS 0.19433
Exploits: 3 | References: 1
RedhatCVE
added 2026/01/07 9:19 a.m. | 7 views

CVE-2024-2075

A vulnerability was found in SourceCodester Daily Habit Tracker 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/update-tracker.php. The manipulation of the argument day leads to cross site scripting. The attack can be...

CVSS 5.4 | AI score 5.2 | EPSS 0.00536
Exploits: 1 | References: 1
Fedora
added 2026/01/02 12:57 a.m. | 6 views

[SECURITY] Fedora 42 Update: direwolf-1.8.1-1.fc42

Dire Wolf is a modern software replacement for the old 1980's style TNC built with special hardware. Without any additional software, it can perform as an APRS GPS Tracker, Digipeater, Internet Gateway IGate, APRStt gateway. It can also be used as a virtual TNC for other applications such as...

CVSS 8.7 | AI score 6.7 | EPSS 0.00468
Exploits: 0
Positive Technologies
added 2026/01/01 12:0 a.m. | 6 views

PT-2026-6840

Name of the Vulnerable Software and Affected Versions: GNOME localsearch MP3 Extractor (affected versions not specified). Description: A flaw exists in tracker-miners where it incorrectly processes malformed MP3 files. This can lead to a denial of service, potentially causing the application to crash...

CVSS 5.6 | AI score 5.9 | EPSS 0.00139
Exploits: 0 | References: 24
Positive Technologies
added 2026/01/01 12:0 a.m. | 7 views

PT-2026-6841

Name of the Vulnerable Software and Affected Versions: tracker-miners (affected versions not specified). Description: A flaw exists in tracker-miners related to the handling of malformed MP3 files. Specifically, the software incorrectly processes certain MP3 files, potentially leading to a denial of...

CVSS 5.6 | AI score 6 | EPSS 0.00209
Exploits: 3 | References: 24
Positive Technologies
added 2026/01/01 12:0 a.m. | 5 views

PT-2026-6842

Name of the Vulnerable Software and Affected Versions: GNOME (affected versions not specified). Description: A flaw exists in the GNOME localsearch MP3 Extractor, specifically within tracker-miners. Incorrect handling of malformed MP3 files can lead to a denial of service, potentially allowing for...

CVSS 5.6 | AI score 6 | EPSS 0.00246
Exploits: 3 | References: 24
Positive Technologies
added 2026/01/01 12:0 a.m. | 4 views

PT-2026-6839

Name of the Vulnerable Software and Affected Versions: tracker-miners (affected versions not specified). Description: A flaw exists in tracker-miners related to the handling of malformed MP3 files. This issue could allow an attacker to cause tracker-miners to crash, leading to a denial of service. The...

CVSS 5.6 | AI score 6.3 | EPSS 0.00209
Exploits: 2 | References: 27
SUSE CVE
added 2025/12/31 12:26 a.m. | 1 views

SUSE CVE-2023-54273

In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix leak of dev tracker. At the stage of direction checks, the netdev reference tracker is already initialized, but released with wrong put call...

CVSS 5.5 | AI score 6.5 | EPSS 0.00155
Exploits: 0 | References: 3
Patchstack
added 2025/12/31 12:0 a.m. | 7 views

WordPress ClickWhale - Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin <= 2.4.1 - Reflected Cross-Site Scripting vulnerability

WordPress ClickWhale - Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin <= 2.4.1 - Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin ClickWhale versions <= 2.4.1...

CVSS 6.1 | AI score 5.3 | EPSS 0.0034
Exploits: 0 | References: 1 | Affected Software: 1
Tenable Nessus
added 2025/12/31 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2023-54273

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: Fix leak of dev tracker. At the stage of direction checks, the netdev reference tracker is already initialized, but released with wrong put call...

AI score 5.8 | EPSS 0.00155
Exploits: 0 | References: 3
EUVD
added 2025/12/30 3:30 p.m. | 3 views

EUVD-2023-60531

In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix leak of dev tracker. At the stage of direction checks, the netdev reference tracker is already initialized, but released with wrong put call...

AI score 6 | EPSS 0.00155
Exploits: 0 | References: 3
NVD
added 2025/12/30 1:16 p.m. | 5 views

CVE-2023-54273

In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix leak of dev tracker. At the stage of direction checks, the netdev reference tracker is already initialized, but released with wrong put call...

EPSS 0.00155
Exploits: 0 | References: 2