CVE-2026-43883

WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/PayPalYPT/agreementCancel.json.php cancels a PayPal billing agreement using an attacker-supplied agreement parameter without verifying that the authenticated user owns the agreement. A low-privilege...

CVE-2026-43885 WWBN AVideo: Exposure of Sensitive Information to an Unauthorized Actor and Missing Authorization

WWBN AVideo is an open source video platform. In versions up to and including 29.0, an unauthenticated user can read APISecret from objects/plugins.json.php and use it to call protected API endpoints e.g. userslist without logging in. Commit 1c36f229d0a103528fb9f64d0a1cc0e1e8f5999b contains an...

EUVD-2026-24561

WWBN AVideo is an open source video platform. In versions up to and including 29.0, an incomplete fix for AVideo's test.php adds escapeshellarg for wget but leaves the filegetcontents and curl code paths unsanitized, and the URL validation regex /^http/ accepts strings like httpevil.com. Commit...

PT-2026-34207

Name of the Vulnerable Software and Affected Versions WWBN AVideo versions 29.0 and earlier Description A directory traversal flaw exists where a security check in 'objects/aVideoEncoderReceiveImage.json.php' only validates the URL path component for traversal sequences. However, the try get...

CVE-2025-46598

Bitcoin Core through 29.0 allows a denial of service via a crafted transaction...

EUVD-2025-208889

Bitcoin Core through 29.0 allows a denial of service via a crafted transaction...

CVE-2025-46598

Bitcoin Core through 29.0 allows a denial of service via a crafted transaction...

CVE-2025-46598

Bitcoin Core through 29.0 allows a denial of service via a crafted transaction...

CVE-2025-46598

Bitcoin Core through 29.0 allows a denial of service via a crafted transaction...

CVE-2025-54604

Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption issue 1 of 2...

EUVD-2025-36549

Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption issue 2 of 2...

EUVD-2025-36539

Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption issue 1 of 2...

CVE-2025-54605

Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption issue 2 of 2...

CVE-2025-54604

Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption issue 1 of 2...

CVE-2025-54605

Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption issue 2 of 2...

Bitcoin Core 安全漏洞

Bitcoin Core is a Bitcoin open source client for verifying the validity of blockchain transactions. A security vulnerability exists in Bitcoin Core version 29.0 and earlier, which stems from uncontrolled resource consumption...

CVE-2025-54605

Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption issue 2 of 2...

Cross site scripting

A vulnerability, which was classified as problematic, was found in myapnea up to 29.0.x. Affected is an unknown function of the component Title Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 29.1.0 is able to address thi...

MyApnea 跨站脚本漏洞

MyApnea is an open source web framework for MyApnea. A cross-site scripting vulnerability exists in MyApnea version 29.0.x. The vulnerability stems from an unknown function in its Title Handler component that allows an attacker to implement cross-site scripting...

Mozilla Firefox 29.0 - Null Pointer Dereference Vulnerability

No description provided by source. html titleMozilla Firefox Null Pointer Dereference Vulnerability/title pre Fun side of life! br Details: Title: Mozilla Firefox Null Pointer Dereference Vulnerability Version: Prior to 29.0 Date: 4/30/2014 Discovered By: Mr.XHat E-Mail: Mr.XHat AT GMail.com Test...