Linux Distros Unpatched Vulnerability : CVE-2023-41260
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Best Practical Request Tracker RT before 4.4.7 and 5.x before 5.0.5 allows Information Exposure in responses to mail-gateway REST API calls. CVE-2023-41260 Note...
Linux Distros Unpatched Vulnerability : CVE-2022-25803
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Best Practical Request Tracker RT before 5.0.3 has an Open Redirect via a ticket search. CVE-2022-25803 Note that Nessus relies on the presence of the package a...
Linux Distros Unpatched Vulnerability : CVE-2025-30087
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Best Practical RT Request Tracker 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via injection of crafted parameters in a search URL. CVE-2025-30087 Note th...
Linux Distros Unpatched Vulnerability : CVE-2019-14465
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fmt_mtm_load_song in fmt/mtm.c in Schism Tracker 20190722 has a heap-based buffer overflow. CVE-2019-14465 Note that Nessus relies on the presence of the package a...
Linux Distros Unpatched Vulnerability : CVE-2023-43641
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNO...
Linux Distros Unpatched Vulnerability : CVE-2021-38562
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Best Practical Request Tracker RT 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing attack against...
Linux Distros Unpatched Vulnerability : CVE-2025-2545
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES (3DES) cryptographic algorithm is used to protect emails se...
Linux Distros Unpatched Vulnerability : CVE-2023-36250
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CSV Injection vulnerability in GNOME time tracker version 3.0.2, allows local attackers to execute arbitrary code via crafted .tsv file when creating a new...
Linux Distros Unpatched Vulnerability : CVE-2022-2235
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient sanitization in GitLab EE's external issue tracker affecting all versions from 14.5 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1....
CVE-2025-54877 Tuleap's special and always there fields permissions are not verified in cross-tracker search
Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition versions before 16.10.99.1754050155 and Tuleap Enterprise Edition versions before 16.9-8 and before 16.10-5, an attacker can access the content of the special...
CVE-2025-54877
Tuleap CVE-2025-54877 affects Community Edition <16.10.99.1754050155 and Enterprise Edition <16.9-8 and
CVE-2025-48305
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vikingjs Goal Tracker for Patreon (goal-tracker-for-patreon) allows Stored XSS. This issue affects Goal Tracker for Patreon: from n/a through <= 0.4.6...
CVE-2025-48305
CVE-2025-48305 affects the WordPress plugin Goal Tracker for Patreon (versions up to 0.4.6) with a stored XSS due to improper input neutralization during web page generation. Connected sources corroborate the vulnerability type (Stored XSS) and affected version range, and Patchstack/PTSecurity gu...
CVE-2025-48305 WordPress Goal Tracker for Patreon plugin <= 0.4.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in vikingjs Goal Tracker for Patreon allows Stored XSS. This issue affects Goal Tracker for Patreon: from n/a through 0.4.6...
CVE-2025-51643
Meitrack T366G-L GPS Tracker devices contain an SPI flash chip (Winbond 25Q64JVSIQ) that is accessible without authentication or tamper protection. An attacker with physical access to the device can use a standard SPI programmer to extract the firmware using flashrom. This results in exposure of...
WordPress plugin Goal Tracker for Patreon cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
Meitrack T366G-L GPS Tracker security vulnerability
Meitrack T366G-L GPS Tracker is a vehicle GPS locator from Meitrack China. A security vulnerability exists in the Meitrack T366G-L GPS Tracker, which originates from improper access control of the SPI flash memory chip and could lead to the disclosure of sensitive configuration data...
PT-2025-34994
Name of the Vulnerable Software and Affected Versions: vikingjs Goal Tracker for Patreon versions through 0.4.6. Description: The application suffers from a Stored Cross-Site Scripting (XSS) issue due to improper neutralization of input during web page generation. This allows for the injection of...