20 matches found
CVE-2026-3206
Improper Resource Shutdown or Release vulnerability in KrakenD, SLU KrakenD-CE CircuitBreaker modules, KrakenD, SLU KrakenD-EE CircuitBreaker modules. This issue affects KrakenD-CE: before 2.13.1; KrakenD-EE: before 2.12.5...
CVE-2026-3206
Improper Resource Shutdown or Release vulnerability in KrakenD, SLU KrakenD-CE CircuitBreaker modules, KrakenD, SLU KrakenD-EE CircuitBreaker modules. This issue affects KrakenD-CE: before 2.13.1; KrakenD-EE: before 2.12.5...
EulerOS Virtualization 2.13.1 : samba (EulerOS-SA-2025-2631)
According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: A vulnerability has been found in Samba File Transfer Software the affected version is unknown and classified as critical. The CWE...
CVE-2025-13646 Modula 2.13.1 - 2.13.2 - Authenticated (Author+) Arbitrary File Upload via Race Condition
The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajaxunzipfile' function in versions 2.13.1 to 2.13.2. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files...
CVE-2025-13645 Modula 2.13.1 - 2.13.2 - Authenticated (Author+) Arbitrary File Deletion
The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'ajaxunzipfile' function in versions 2.13.1 to 2.13.2. This makes it possible for authenticated attackers, with Author-level access and above, to delete arbitrary...
EUVD-2024-36392
Malicious code in bioql PyPI...
Huawei EulerOS: Security Advisory for ppp (EulerOS-SA-2025-2187)
The remote host is missing an update for the Huawei EulerOS...
CVE-2016-15020
A vulnerability was found in liftkit database up to 2.13.1. It has been classified as critical. This affects the function processOrderBy of the file src/Query/Query.php. The manipulation leads to SQL injection. Upgrading to version 2.13.2 is able to address this issue. The patch is named...
PT-2024-27245 · Asdcplib · Asdcplib
Name of the Vulnerable Software and Affected Versions: asdcplib versions 2.13.1 Description: The issue is a heap-based buffer over-read in the ASDCP::TimedText::MXFReader::h__Reader::MD_to_TimedText_TDesc function, located in AS_DCP_TimedText.cpp within the libasdcp.so library. Recommendations: Fo...
SQL injection
A vulnerability was found in liftkit database up to 2.13.1. It has been classified as critical. This affects the function processOrderBy of the file src/Query/Query.php. The manipulation leads to SQL injection. Upgrading to version 2.13.2 is able to address this issue. The patch is named...
PT-2023-10339 · Unknown · Liftkit Database
Name of the Vulnerable Software and Affected Versions: liftkit database versions up to 2.13.1 Description: A critical issue has been found, affecting the function processOrderBy of the file src/Query/Query.php. This leads to SQL injection. Recommendations: For liftkit database versions up to...
Vulnerability fixed in Icinga
A vulnerability has been fixed in Icinga. Within Icinga TLS certificate verification is used. However, the validity of the Certificate Authority is not checked. A malicious party can thus bypass security. Updates have been released to fix the vulnerabilities. More information c...
jansson buffer error vulnerability
Jansson is a C library for encoding, decoding and manipulating JSON data. An out-of-bounds memory read vulnerability exists in Jansson 2.13.1 and earlier versions. The vulnerability stems from a parsing error in json_loads. No details of the vulnerability are provided at this time...
PT-2020-15534 · Jenkins · Jenkins Subversion Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Subversion Plugin versions 2.13.1 and earlier Description: The issue arises from the Jenkins Subversion Plugin not configuring its XML parser to prevent XML external entity (XXE) attacks. This allows attackers who can control an agent...
CVE-2020-9488
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1...
PT-2020-15318 · Jenkins · Jenkins Subversion Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Subversion Plugin versions 2.13.0 and earlier Description: The issue is related to a stored cross-site scripting vulnerability. It occurs because the error message for the Project Repository Base URL field form validation is not...
HTTP Request Smuggling
Overview: SwiftNIOHTTP1 is a cross-platform asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Affected versions of this package are vulnerable to HTTP Request Smuggling. HTTP request smuggling is possible usin...
Mautic cross-site scripting vulnerability (CNVD-2019-31196)
Mautic is an open source marketing automation software. The software monitors and manages websites, sends emails and manages customer resources. A cross-site scripting vulnerability exists in Mautic version 2.13.1, which can be exploited by an attacker to execute client-side code...
Security update for helm (moderate)
openSUSE Security Update: Security update for helm Announcement ID: openSUSE-SU-2019:1703-1 Rating: moderate References: 1118897 1118898 1118899 Cross-References: CVE-2018-16873 CVE-2018-16874 CVE-2018-16875 Affected Products: SUSE Package Hub for SUSE Linux Enterprise 12 An update that fixes thr...
Mozilla Seamonkey Security Bypass Vulnerabilities (Oct 2012) - Mac OS X
Mozilla Seamonkey is prone to multiple vulnerabilities.