PT-2026-37178

Name of the Vulnerable Software and Affected Versions Roadiz versions prior to 2.3.43 Roadiz versions prior to 2.5.45 Roadiz versions prior to 2.6.31 Roadiz versions prior to 2.7.18 Description The roadiz/openid package fails to properly implement the OIDC nonce validation process. While the...

Amazon Linux 2 : python, --advisory ALAS2-2026-3128 (ALAS-2026-3128)

The version of python installed on the remote host is prior to 2.7.18-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3128 advisory. When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorith...

CVE-2018-25032 affecting package python2 for versions less than 2.7.18-13

CVE-2018-25032 affecting package python2 for versions less than 2.7.18-13. This CVE either no longer is or was never applicable...

PT-2024-20663 · WordPress · Powerpack Addons For Elementor

Name of the Vulnerable Software and Affected Versions: PowerPack Addons for Elementor plugin for WordPress versions up to and including 2.7.18 Description: The issue is related to Stored Cross-Site Scripting via the Twitter Tweet widget due to insufficient input sanitization and output escaping...

CVE-2017-18207 affecting package python2 2.7.18-14

CVE-2017-18207 affecting package python2 2.7.18-14. A patched version of the package is available...

net.kieker-monitoring:analysis (>=2.0.0 <=2.0.3), org.apache.nutch:nutch (=1.10) potentially affected by CVE-2019-12423 via org.apache.cxf:cxf (>=2.7.18 <=3.0.4)

org.apache.cxf:cxf MAVEN version =2.7.18, =2.0.0, =2.0.3 - org.apache.nutch:nutch =1.10 Source cves: CVE-2019-12423 Source advisory: OSV:GHSA-42F2-F9VC-6365...

DEBIAN-CVE-2012-3864

Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user's certificate and private key in a GET request...