26 matches found
CVE-2024-58041
Smolder versions through 1.51 for Perl use the insecure rand function for cryptographic functions. Smolder 1.51 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically Smolder::DB::Developer uses t...
Smolder security vulnerability
Smolder is a smoke testing report platform developed by WONKO’s individual developers. Versions of Smolder 1.51 and earlier contain security vulnerabilities. These vulnerabilities stem from the use of the insecure rand function as the default entropy source in encryption functions, which may lead...
TorrentRockYou Torrent 3GP Converter security vulnerability
TorrentRockYou Torrent 3GP Converter is a video format conversion tool developed by TorrentRockYou Corporation. Version 1.51 of TorrentRockYou Torrent 3GP Converter has a security vulnerability; this vulnerability stems from a stack buffer overflow, which may allow for the execution of arbitrary...
TorrentRockYou Torrent FLV Converter security vulnerability
TorrentRockYou Torrent FLV Converter is a video format conversion tool developed by TorrentRockYou Inc. Version 1.51 Build 117 of TorrentRockYou Torrent FLV Converter has a security vulnerability. This vulnerability stems from a stack buffer overflow, which may allow for the execution of arbitrar...
MiracleLinux 8 : xmlrpc-c-1.51.0-11.el8_10 (AXSA:2025-9874:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9874:01 advisory. libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat (CVE-2024-8176). Tenable has extracted the preceding description block directly...
CVE-2025-11502 Schema & Structured Data for WP & AMP <= 1.51 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'saswptinymultiplefaq' shortcode in all versions up to, and including, 1.51 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...
EUVD-2024-29956
Malicious code in bioql PyPI...
EUVD-2023-37378
Malicious code in bioql PyPI...
CVE-2024-55604
Appsmith is a platform to build admin panels, internal tools, and dashboards. Users invited as "App Viewer" should not have access to development information of a workspace. Datasources are such a component in a workspace. Yet, in versions of Appsmith prior to 1.51, app viewers are able to get a...
CVE-2024-55965
An issue was discovered in Appsmith before 1.51. Users invited as "App Viewer" incorrectly have access to development information of a workspace, specifically a list of datasources in a workspace they're a member of. This information disclosure does not expose sensitive data in the datasources,...
Appsmith security vulnerability
Appsmith is an open source platform for building, deploying, and maintaining internal applications from Appsmith Open Source. A security vulnerability exists in Appsmith versions prior to 1.51 that stems from improper access control and could lead to information disclosure...
CVE-2024-55965
An issue was discovered in Appsmith before 1.51. Users invited as "App Viewer" incorrectly have access to development information of a workspace, specifically a list of datasources in a workspace they're a member of. This information disclosure does not expose sensitive data in the datasources,...
CVE-2024-55604
Appsmith is a platform to build admin panels, internal tools, and dashboards. Users invited as "App Viewer" should not have access to development information of a workspace. Datasources are such a component in a workspace. Yet, in versions of Appsmith prior to 1.51, app viewers are able to get a...
CVE-2024-55604 Appsmith's Broken Access Control Allows Viewer Role User to Query Datasources
Appsmith is a platform to build admin panels, internal tools, and dashboards. Users invited as "App Viewer" should not have access to development information of a workspace. Datasources are such a component in a workspace. Yet, in versions of Appsmith prior to 1.51, app viewers are able to get a...
CVE-2024-55604
Appsmith prior to v1.51 contains an access-control flaw where users invited as an App Viewer can query the list of datasources in a workspace they belong to. The underlying issue is restricted to development information exposure, not the actual credentials; no sensitive data in datasources is rep...
CVE-2024-55604 Appsmith's Broken Access Control Allows Viewer Role User to Query Datasources
Appsmith is a platform to build admin panels, internal tools, and dashboards. Users invited as "App Viewer" should not have access to development information of a workspace. Datasources are such a component in a workspace. Yet, in versions of Appsmith prior to 1.51, app viewers are able to get a...
CVE-2024-32135
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPZest Disable Comments | WPZest. This issue affects Disable Comments | WPZest: from n/a through 1.51...
EyouCMS path traversal vulnerability
EyouCMS is an open source content management system (CMS) based on ThinkPHP by China Eyou Eyou Company. A path traversal vulnerability exists in EyouCMS version 1.51, which originates from a path traversal issue in the activepath parameter of the editFile function on the...
WordPress Disable Comments | WPZest plugin <= 1.51 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Dimas Maulana (Patchstack Alliance) in WordPress Plugin Disable Comments | WPZest (versions <= 1.51)...
WordPress Cookie Monster Plugin <= 1.51 is vulnerable to Cross Site Scripting (XSS)
Software: Cookie Monster; Type: Plugin; Vulnerable versions: <= 1.51; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-33208; Patch priority: Low; CVSS severity: Low (5.9); PSID: aa59c76bd6cc; Credits: Prasanna V Balaji; Required...