100 matches found
CVE-2018-18886
Helpy v2.1.0 has Stored XSS via the Ticket title...
CVE-2022-26533
Alist v2.1.0 and below was discovered to contain a cross-site scripting XSS vulnerability via /i/:data/ipa.plist...
CVE-2022-26300
EOS v2.1.0 was discovered to contain a heap-buffer-overflow via the function txntestgenplugin...
EUVD-2020-16427
Malware in sbrugna...
EUVD-2021-19380
Malware in sbrugna...
CVE-2025-61680
CVE-2025-61680 concerns Minecraft RCON Terminal, a VS Code extension used for Minecraft server management. Versions 0.1.0–2.0.6 store passwords via VS Code's Configuration API, which writes to settings.json in plaintext. The underlying issue is plaintext password storage through the configuration...
EUVD-2022-30861
Malicious code in bioql PyPI...
SUSE CVE-2025-59345
Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, The /api/v1/jobs and /preheats endpoints in Manager web UI are accessible without authentication. Any user with network access to the Manager can create, delete, and modify jobs, and create...
CVE-2024-44930
Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests...
CVE-2024-44930
Summary of CVE-2024-44930 : Serilog (Serilog.Enrichers.ClientInfo) before v2.1.0 is affected by a Client IP Spoofing vulnerability. Attackers can falsify the client IP by supplying an arbitrary IP in the X-Forwarded-For or Client-Ip headers during HTTP requests. Affected component/functionality i...
CVE-2024-44930
Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests...
CVE-2024-44930
Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests...
CVE-2024-36600
Buffer Overflow Vulnerability in libcdio 2.2.0 fixed in 2.3.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file...
CVE-2024-36600
Buffer Overflow Vulnerability in libcdio 2.2.0 fixed in 2.3.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file...
CVE-2024-36600
Buffer Overflow Vulnerability in libcdio 2.2.0 fixed in 2.3.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file...
CVE-2024-36600
Buffer Overflow Vulnerability in libcdio 2.2.0 fixed in 2.3.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file...
CVE-2024-36600
CVE-2024-36600 is a buffer overflow in libcdio 2.2.0 that allows an attacker to execute arbitrary code by crafting an ISO 9660 image. The issue stems from improper handling during parsing, leading to a potential code execution path. A fix exists in libcdio 2.3.0. Affected component: libcdio (libr...
CVE-2024-36600
Buffer Overflow Vulnerability in libcdio 2.2.0 fixed in 2.3.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file...
CVE-2024-36600
Buffer Overflow Vulnerability in libcdio 2.2.0 fixed in 2.3.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file...
CVE-2024-32343
A cross-site scripting XSS vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content parameter...