37 matches found
CVE-2026-21294
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in a security feature bypass. A high-privileged attacker could exploit this vulnerability to manipulate...
GHSA-2768-5WMV-CFFF Magento vulnerable to stored Cross-Site Scripting (XSS)
Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be...
EUVD-2011-4866
Malware in sbrugna...
EUVD-2004-0178
Malware in sbrugna...
EUVD-2005-0208
Malware in sbrugna...
EUVD-2025-24451
Malicious code in bioql PyPI...
CVE-2010-5079
SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 uses weak entropy when generating tokens for (1) the CSRF protection mechanism, (2) autologin, (3) "forgot password" functionality, and (4) password salts, which makes it easier for remote attackers to bypass intended access restrictions via...
CVE-2025-24415
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed...
Wireshark SEoL (2.4.x)
According to its version, Wireshark is 2.4.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.
PT-2024-6959 · Adobe · Magento Open Source +1
Name of the Vulnerable Software and Affected Versions: Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier; Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier. Description: The issue is related to an Improper Access Control vulnerability that...
PT-2024-24200 · Unknown · Gin-Vue-Admin
Name of the Vulnerable Software and Affected Versions: sanluan flipped-aurora gin-vue-admin versions 2.4.x. Description: An issue in the Session Expiration component allows an attacker to escalate privileges. Recommendations: For versions 2.4.x, consider restricting access to the Session Expiratio...
Gin-Vue-Admin Security Vulnerability
Gin-Vue-Admin is a full-stack base development platform built with Vue and Gin. A security vulnerability in Gin-Vue-Admin version 2.4.x allows an attacker to escalate privileges via the Session Expiration component...
SUSE CVE-2018-14367
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition...
XML Signature/Encryption Not Validated in Apache CXF
Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors...
Adobe Magento Path Traversal Vulnerability
Adobe Magento is an open source PHP e-commerce system from Adobe, a company based in the United States. The system provides rights management, search engine and payment gateway features. A path traversal vulnerability exists in Adobe Magento. The vulnerability exists due to an input...
pfSense 2.4.x < 2.4.5-p1 Multiple Vulnerabilities
According to its self-reported version number, the remote pfSense install is a version 2.4.x prior to 2.4.5-p1. It is, therefore, affected by the following vulnerabilities in its subcomponents: - Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an 'NXNSAttack' issue...
OpenVPN 2.3.x < 2.3.17 & 2.4.x < 2.4.3 Multiple Denial of Service Vulnerabilities (Windows)
According to its self-reported version number, the version of OpenVPN installed on the remote Windows host is 2.3.x prior to 2.3.17 or 2.4.x prior to 2.4.3. It is, therefore, affected by multiple denial of service (DoS) vulnerabilities due to invalid input validation. An unauthenticated, remote...
Apache 2.4.x < 2.4.2 'LD_LIBRARY_PATH' Insecure Library Loading
According to its banner, the version of Apache 2.4.x running on the remote host is prior to 2.4.2. It is, therefore, potentially affected by an insecure library loading issue. The utility 'apachectl' can receive a zero-length directory name in the LD_LIBRARY_PATH via the 'envvars' file. A local...
Apache 2.4.x < 2.4.6 Multiple Vulnerabilities
According to its banner, the version of Apache 2.4.x running on the remote host is prior to 2.4.6. It is, therefore, potentially affected by the following vulnerabilities: - A denial of service vulnerability exists relating to the 'mod_dav' module as it relates to MERGE requests. (CVE-2013-1896) - ...
pfSense 2.3.x < 2.3.5-p2 / 2.4.x < 2.4.3-p1 Multiple Vulnerabilities (SA-18_04 / SA-18_05)
According to its self-reported version number, the remote pfSense install is a version 2.3.x prior to 2.3.5-p2 or 2.4.x prior to 2.4.3-p1. It is, therefore, affected by multiple vulnerabilities: - In FreeBSD before 11.1-STABLEr332066 and 11.1-RELEASE-p10, due to insufficient initialization of...