18 matches found
PT-2026-46264
Net::Statsd versions before 0.13 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. The update_stats (used for updating counters) and gauge methods do not check that value...
CVE-2026-6593 ComfyUI View Endpoint server.py cross site scripting
A vulnerability was found in ComfyUI up to 0.13.0. Affected by this issue is some unknown functionality of the file server.py of the component View Endpoint. Performing a manipulation results in cross site scripting. The attack is possible to be carried out remotely. The exploit has been made...
EulerOS 2.0 SP12 : aide (EulerOS-SA-2025-2346)
According to the versions of the aide package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An...
EUVD-2021-11305
Malware in sbrugna...
PT-2025-35319
Name of the Vulnerable Software and Affected Versions: gnark versions prior to 0.13.0 Description: gnark is a zero-knowledge proof system framework. A denial of service issue can occur when computing scalar multiplication using the fake-GLV algorithm in versions prior to 0.13.0. This is due to the...
SUSE CVE-2025-54409
AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or database listing after setting extended file attributes with an empty attribute value or with a...
CVE-2025-53549
The Matrix Rust SDK is a collection of libraries that make it easier to build Matrix clients in Rust. An SQL injection vulnerability in the EventCache::find_event_with_relations method of matrix-sdk 0.11 and 0.12 allows malicious room members to execute arbitrary SQL commands in Matrix clients that...
CVE-2025-53549 Matrix Rust SDK allows SQL injection in the EventCache implementation
The Matrix Rust SDK is a collection of libraries that make it easier to build Matrix clients in Rust. An SQL injection vulnerability in the EventCache::find_event_with_relations method of matrix-sdk 0.11 and 0.12 allows malicious room members to execute arbitrary SQL commands in Matrix clients that...
PT-2024-10625 · Unknown · Crypt::Random::Source
Name of the Vulnerable Software and Affected Versions: Crypt::Random::Source versions prior to 0.13 Description: The issue concerns the Crypt::Random::Source package for Perl, which has a fallback to the built-in rand function. This function is not a secure source of random bits, potentially...
CVE-2018-25107
The Crypt::Random::Source package before 0.13 for Perl has a fallback to the built-in rand function, which is not a secure source of random bits...
CVE-2022-38075
Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) in Mantenimiento web plugin <= 0.13 on WordPress...
CVE-2022-41980
Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Mantenimiento web plugin <= 0.13 on WordPress...
WordPress plugin Mantenimiento Web cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
Denial of service
mwlib 0.13 through 0.13.4 has a denial of service vulnerability when parsing #iferror magic functions...
PT-2019-11748 · Jenkins · Jenkins Dependency Graph Viewer Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Dependency Graph Viewer Plugin versions 0.13 and earlier Description: A stored cross site scripting issue allows attackers who can configure jobs in Jenkins to inject arbitrary HTML and JavaScript into the plugin-provided web pages in...
PT-2017-4091 · Jbig2Dec +2 · Jbig2Dec +2
Name of the Vulnerable Software and Affected Versions: jbig2dec version 0.13 Description: The issue is related to a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. This can cause a crash, such as a segmentation fault, when parsing an invalid file. For example, the...
TFTgallery .13 XSS
No description provided by source. TFTgallery 0.13 is vulnerable to XSS Discovered by Blake http://example.com/tftgallery/index.php?page=1&album= scriptdocument.writedocument.cookie/script...
CVE-2004-0640
Format string vulnerability in the SSL_set_verify function in telnetd.c for SSLtelnet daemon SSLtelnetd 0.13 allows remote attackers to execute arbitrary code...