PT-2026-47001

An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutl...

Traefik 安全漏洞

Traefik is an open-source reverse proxy and load balancing tool developed by Traefik. Vulnerabilities exist in versions prior to Traefik 2.11.44, 3.6.15, and 3.7.0-rc.3. These vulnerabilities stem from the errors middleware module, which forwards the entire set of request headers including...

PT-2025-51402

Name of the Vulnerable Software and Affected Versions WCFM Marketplace versions through 3.6.15 Description An authorization issue exists in WC Lovers WCFM Marketplace wc-multivendor-marketplace, allowing exploitation due to incorrectly configured access control security levels. The issue allows...

EUVD-2025-28167

Malicious code in bioql PyPI...

WordPress plugin MasterStudy LMS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-36249

Name of the Vulnerable Software and Affected Versions: MasterStudy LMS versions through 3.6.15 Description: The software contains a missing authorization flaw due to incorrectly configured access control security levels. Recommendations: Update MasterStudy LMS to a version later than 3.6.15...

phpList < 3.6.16 XSS Vulnerability

phpList is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phplist:phplist"; i...

Design/Logic Flaw

BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file...

CVE-2022-44583

Unauth. Arbitrary File Download vulnerability in WatchTowerHQ plugin = 3.6.15 on WordPress...

PT-2022-27257 · Unknown · Watchtowerhq

Name of the Vulnerable Software and Affected Versions: WatchTowerHQ plugin versions 3.6.15 and earlier Description: The issue concerns an Unauth. Arbitrary File Deletion vulnerability. This vulnerability allows for unauthorized deletion of files. Recommendations: For WatchTowerHQ plugin versions...

PT-2020-10893 · Mongodb +1 · Mongodb Server +2

Name of the Vulnerable Software and Affected Versions: MongoDB Server versions prior to 4.2.1 MongoDB Server versions prior to 4.0.13 MongoDB Server versions prior to 3.6.15 Description: A user authorized to perform database queries may trigger denial of service by issuing specially crafted...

Epignosis eFront Code Execution Vulnerability

Epignosis eFront is an online learning system with an Ajax interface from Epignosis USA. The system allows you to create and manage courses with tools such as a content editor, file manager, and digital library. A code execution vulnerability exists in the globals.php page in eFront version 3.6.1...

eFront 3.6.15 Path Traversal

eFront 3.6.15 Path Traversal Vulnerability + Author: Filippo Roncari + Target: eFront + Version: 3.6.15 and probably lower + Vendor: www.efrontlearning.net + Accessibility: Remote + Severity: High + CVE: + Full Advisory: https://www.securenetwork.it/docs/advisory/SN-15-02eFront.pdf + Info:...

openSUSE Security Update : MozillaFirefox (MozillaFirefox-4111)

MozillaFirefox was updated to version 3.6.15, fixing various security issues. Following security issues were fixed: MFSA 2011-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed...

openSUSE Security Update : MozillaFirefox (MozillaFirefox-4111)

MozillaFirefox was updated to version 3.6.15, fixing various security issues. Following security issues were fixed: MFSA 2011-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed...

SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7371)

Mozilla Firefox has been updated to version 3.6.15, fixing the following %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. if NASLLEVEL 3000 exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid52736;...

MDVA-2011:008 : firefox

This is a bugfix release that upgrades firefox to the latest version 3.6.15 due to issues where some Java applets would fail to load. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:...