16 matches found
CVE-2026-3315
Incorrect Default Permissions, Execution with Unnecessary Privileges, Incorrect Permission Assignment for Critical Resource vulnerability in ASSA ABLOY Visionline on Windows allows Configuration/Environment Manipulation. This issue affects Visionline: from 1.0 before 1.33...
EUVD-2025-31236
Malicious code in bioql PyPI...
CVE-2025-60140
Insertion of Sensitive Information Into Sent Data vulnerability in thetechtribe The Tribal the-tech-tribe allows Retrieve Embedded Sensitive Data. This issue affects The Tribal: from n/a through = 1.3.3...
01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +24662 more potentially affected by CVE-2025-55558 via torch (>=1.0.0 <=2.7.0)
torch PYPI version =1.0.0, =1.0.0, =0.1.0, =1.0.0, =0.1.0, =2.13.0, =0.1.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.10 and more Source cves: CVE-2025-55558 Source advisory: OSV:PYSEC-2025-208...
CVE-2025-48325
Cross-Site Request Forgery (CSRF) vulnerability in shmish111 WP Admin Theme wp-admin-theme allows Stored XSS. This issue affects WP Admin Theme: from n/a through = 1.0...
CVE-2023-51510
Cross-Site Request Forgery (CSRF) vulnerability in Atlas Gondal Export Media URLs. This issue affects Export Media URLs: from n/a through 1.0...
acryl-datahub-airflow-plugin (>=0.10.5.2rc3 <=0.11.0rc1), aind-airflow-jobs (>=0.2.1 <=0.2.6) +22 more potentially affected by CVE-2025-30473 via apache-airflow-providers-common-sql (>=1.0.0 <=1.20.0)
apache-airflow-providers-common-sql PYPI version =1.0.0, =0.10.5.2rc3, =0.2.1, =0.11.0, =0.2.0, =0.0.1, =0.0.1, =0.3.1, =0.0.4, =0.0.1a0, =2.6.0, =1.0.0rc1, =0.0.36, =1.0.0rc1, =1.0.0, =2.5.1rc1 and more Source cves: CVE-2025-30473 Source advisory: SNYK:PYTHON-APACHEAIRFLOWPROVIDERSCOMMONSQL-9667...
CVE-2024-21682
This High severity Injection vulnerability was introduced in Assets Discovery 1.0 - 6.2.0 all versions. Assets Discovery, which can be downloaded via Atlassian Marketplace, is a network scanning tool that can be used with or without an agent with Jira Service Management Cloud, Data Center or...
PT-2024-2154 · Atlassian · Jira Service Management Server +1
Name of the Vulnerable Software and Affected Versions: Assets Discovery versions 1.0 through 6.2.0 Description: This issue allows an authenticated attacker to modify system calls, potentially impacting confidentiality, integrity, and availability. It requires no user interaction. Assets Discovery...
cpdb-libs security vulnerability
cpdb-libs is an OpenPrinting open source front-end and back-end library for a generic print dialog. A security vulnerability exists in cpdb-libs versions 1.0 through 2.0b4, which stems from a buffer overflow due to improper use of scanf...
CVE-2022-3400
The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the bricks_save_post AJAX action in versions 1.0 to 1.5.3. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to edit any page, post, or template...
Project Wonder cross-site scripting vulnerability
Project Wonder is an open source collection of reusable WebObjects frameworks, applications and extensions open sourced by the WOCommunity Association. A security vulnerability exists in Project Wonder versions 1.0 through 5.4.3 that stems from vulnerability to arbitrary HTTP header injection and...
CVE-2021-41042
In Eclipse Lyo versions 1.0.0 to 4.1.0, a TransformerFactory is initialized with the defaults that do not restrict DTD loading when working with RDF/XML. This allows an attacker to cause an external DTD to be retrieved...
cc.voox:publisher (=0.1.2.GA), com.bluejeans:ipc-channel-utils (>=1.0 <=1.0.1) +141 more potentially affected by CVE-2016-2173 via org.springframework.amqp:spring-amqp (>=1.0.0.RELEASE <=1.5.4.RELEASE)
org.springframework.amqp:spring-amqp MAVEN version =1.0.0.RELEASE, =1.0, =1.0, =0.9.0, =0.20.0, =1.31.1, =1.27.1, =1.31.0, =1.31.1, =1.31.1, =1.31.1, =1.31.1, =1.31.1, =1.31.1, =1.34.1 - com.bq.oss.corbel:evci =1.20.0 and more Source cves: CVE-2016-2173 Source advisory: OSV:GHSA-HRP3-8P5W-27GV...
ALPINE-CVE-2018-12546
In Eclipse Mosquitto version 1.0 to 1.5.5 inclusive when a client publishes a retained message to a topic, then has its access to that topic revoked, the retained message will still be published to clients that subscribe to that topic in the future. In some applications this may result in clients...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +7882 more potentially affected by CVE-2016-3092 via commons-fileupload:commons-fileupload (>=1.0 <=1.3.1)
commons-fileupload:commons-fileupload MAVEN version =1.0, =1.1, =0.0.1, =1.0, =4.0, =4.0, =4.0, =4.0, =4.2 and more Source cves: CVE-2016-3092 Source advisory: OSV:GHSA-FVM3-CFVJ-GXQQ...