13 matches found
CVE-2026-39415
Frappe Learning Management System LMS is a learning system that helps users structure their content. Prior to 2.46.0, a vulnerability has been identified in Frappe Learning where quiz scores can be modified by students before submission. The application currently relies on client-side calculated...
CVE-2026-39415 Frappe Learning Management System has Client-Side Manipulation of Quiz Scores
Frappe Learning Management System LMS is a learning system that helps users structure their content. Prior to 2.46.0, a vulnerability has been identified in Frappe Learning where quiz scores can be modified by students before submission. The application currently relies on client-side calculated...
CLEANSTART-2026-EQ25508 Security fixes for CVE-2025-11082, CVE-2025-11083 applied in versions: 2.46.0-r0
Multiple security vulnerabilities affect the $pkgname-$CTARGETARCH package. These issues are resolved in later releases. See references for individual vulnerability details...
WordPress plugin YITH WooCommerce Request A Quote has a security vulnerability.
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
CVE-2026-23626
Kimai is a web-based multi-user time-tracking application. Prior to version 2.46.0, Kimai's export functionality uses a Twig sandbox with an overly permissive security policy DefaultPolicy that allows arbitrary method calls on objects available in the template context. An authenticated user with...
CVE-2026-23626 Kimai Vulnerable to Authenticated Server-Side Template Injection (SSTI)
Kimai is a web-based multi-user time-tracking application. Prior to version 2.46.0, Kimai's export functionality uses a Twig sandbox with an overly permissive security policy DefaultPolicy that allows arbitrary method calls on objects available in the template context. An authenticated user with...
CVE-2023-31086
Cross-Site Request Forgery CSRF vulnerability in Igor Benic Simple Giveaways – Grow your business, email lists and traffic with contests plugin = 2.46.0 versions...
SUSE-SU-2024:4079-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.46.3 bsc1232747: - CVE-2024-44244: Processing maliciously crafted web content may lead to an unexpected process crash. - CVE-2024-44296: Processing maliciously crafted web content may prevent Content Security Policy from...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.46.0 bsc1231039. CVE-2024-40866 CVE-2024-44187 Already fixed in version 2.44.3: CVE-2024-4558 CVE-2024-27838 CVE-2024-27851 Already fixed in version 2.44.2: CVE-2024-27834 CVE-2024-27808 CVE-2024-27820 CVE-2024-27833...
SUSE-SU-2024:3870-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.46.0 bsc1231039. - CVE-2024-40866 - CVE-2024-44187 Already fixed in version 2.44.3: - CVE-2024-4558 - CVE-2024-27838 - CVE-2024-27851 Already fixed in version 2.44.2: - CVE-2024-27834 - CVE-2024-27808 - CVE-2024-27820 -...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.46.0 bsc1231039. CVE-2024-40866 CVE-2024-44187 Already fixed in version 2.44.3: CVE-2024-4558 CVE-2024-27838 CVE-2024-27851 Already fixed in version 2.44.2: CVE-2024-27834 CVE-2024-27808 CVE-2024-27820 CVE-2024-27833...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.46.0 bsc1231039. CVE-2024-40866 CVE-2024-44187 Already fixed in version 2.44.3: CVE-2024-27838 CVE-2024-27851 Already fixed in version 2.44.2: CVE-2024-27834 CVE-2024-27808 CVE-2024-27820 CVE-2024-27833 Already fixed in...
SUSE-SU-2024:3751-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.46.0 bsc1231039. - CVE-2024-40866 - CVE-2024-44187 Already fixed in version 2.44.3: - CVE-2024-4558 - CVE-2024-27838 - CVE-2024-27851 Already fixed in version 2.44.2: - CVE-2024-27834 - CVE-2024-27808 - CVE-2024-27820 -...