Apache Traffic Server Access Control Error Vulnerability
Apache Traffic Server (ATS) is a set of scalable HTTP proxy and caching servers from the Apache Foundation in the United States. A security vulnerability exists in Apache Traffic Server versions 10.0.0 through 10.0.3; no detailed vulnerability details are provided at this time...
MariaDB DoS Vulnerability (MDEV-32084)
MariaDB is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...
org.apache.nifi:nifi-mongodb-processors (>=2.0.0 <=2.2.0), org.apache.nifi:nifi-mongodb-services-nar (>=1.4.0 <=2.2.0) potentially affected by CVE-2025-27017 via org.apache.nifi:nifi-mongodb-services (>=1.13.0 <=2.2.0)
org.apache.nifi:nifi-mongodb-services MAVEN version =1.13.0, =2.0.0, =1.4.0, =2.2.0 Source cves: CVE-2025-27017 Source advisory: OSV:GHSA-35GQ-CVRM-XF94...
codeformer-perceptor (>=0.1.0 <=0.1.2), controlnet-hinter (>=0.0.3 <=0.0.5) +18 more potentially affected by CVE-2024-27763 via basicsr (>=1.3.4.9 <=1.4.2)
basicsr PYPI version =1.3.4.9, =0.1.0, =0.0.3, =1.0.2, =0.1.0, =2.2.4.5, =0.3.3, =0.0.1, =0.1.0, =0.2.2.3, =0.2.5.0 and more Source cves: CVE-2024-27763 Source advisory: SNYK:PYTHON-BASICSR-9459848...
CVE-2025-28908
CVE-2025-28908 affects the WordPress plugin pipDisqus (versions up to 1.6). The issue is a stored XSS caused by improper neutralization of input during web page generation, allowing injected scripts to persist in stored content. The available connected documents identify the vulnerability class a...
CVE-2025-28894
CVE-2025-28894: A CSRF to Stored XSS vulnerability exists in the WordPress plugin “List of Posts from each Category” (WordPress). Affected: plugin versions n/a through 2.0. Root cause: Cross-Site Request Forgery enabling stored XSS. Impact/visibility: stored XSS via CSRF could affect site visito...
CVE-2025-26702
Improper Input Validation vulnerability in ZTE GoldenDB allows Input Data Manipulation. This issue affects GoldenDB: from 6.1.03 through 6.1.03.04...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +105 more potentially affected by CVE-2025-1391 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.0.1)
org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.1, =1.0.2 - com.kleegroup.accelerator:accelerator-security-keycloakmfa =1.0.1 and more Source cves: CVE-2025-1391 Source advisory:...
01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +25314 more potentially affected by CVE-2025-2149 via torch (>=1.0.0 <=2.6.0)
torch PYPI version =1.0.0, =1.0.0, =0.1.0, =1.0.0, =0.1.0, =2.13.0, =0.1.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.10 and more Source cves: CVE-2025-2149 Source advisory: OSV:GHSA-X3GM-94WQ-G975...
Laravel Framework Cross-Site Scripting Vulnerability
Laravel Framework is a PHP-based web application development framework from the individual developer Taylor Otwell. A security vulnerability exists in Laravel Framework versions 11.9.0 through 11.35.1, which stems from improper coding of request parameters on a debug mode error page and could lea...
DEBIAN-CVE-2023-52971
MariaDB Server 10.10 through 10.11.* and 11.0 through 11.4.* crashes in JOIN::fix_all_splittings_in_plan...
CVE-2023-52970
Disclaimer: This data contains information about vulnerable...
MariaDB Security Vulnerability
MariaDB is a free and open source database management system from the MariaDB Foundation and a forked version of MySQL with the Maria storage engine. A security vulnerability exists in MariaDB versions 10.10 through 10.11.x and 11.0 through 11.4.x, which stems from a crash in...
AskAI (=0.1.0), ISP-SDK (>=0.1.0 <=0.2.3) +5221 more potentially affected by CVE-2025-4432 via ring (>=0.13.5 <=0.16.20)
ring CARGO version =0.13.5, =0.1.0, =0.1.0, =0.2.0, =0.10.2, =0.1.0, =0.2.0-beta.4, =0.21.0-alpha.1, =0.1.1, =0.11.0, =0.0.1, =0.0.7-alpha.3, =0.0.7-alpha.2, =0.0.7-alpha.1, =0.0.7-alpha.3, =0.2.0-alpha.0 and more Source cves: CVE-2025-4432 Source advisory: OSV:GHSA-4P46-PWFR-66X6...
aldryn-django (>=5.0.10.0 <=5.0.11.0), artd-customer (>=0.0.20 <=0.0.23) +65 more potentially affected by CVE-2025-26699 via django (>=5.0.0 <=5.0.12)
django PYPI version =5.0.0, =5.0.10.0, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =1.0.0, =6.0.0, =2.8.1, =0.3.0, =0.35.0 and more Source cves: CVE-2025-26699 Source advisory: OSV:GHSA-P3FP-8748-VQFQ...
aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +503 more potentially affected by CVE-2025-26699 via django (>=4.0.0 <=4.2.2)
django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =0.1.0, =0.0.3, =4.0.9.0, =65.10.0, =65.10.3 and more Source cves: CVE-2025-26699 Source advisory: SNYK:PYTHON-DJANGO-9296408...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1819 more potentially affected by CVE-2025-27622 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.492.1)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2025-27622 Source advisory: OSV:GHSA-P34J-R3CH-C985...
Apache Traffic Server Input Validation Error Vulnerability
Apache Traffic Server (ATS) is a suite of scalable HTTP proxy and caching servers from the Apache Foundation in the United States. A security vulnerability exists in Apache Traffic Server (ATS) versions 8.0.0 through 8.1.11, 9.0.0 through 9.2.8, and 10.0.0 through 10.0.3, which stems from improper...
appscanstandard-integration:ibm-security-appscanstandard-scanner (>=1.0 <=2.8), com.cloudbees.jenkins.plugins:additional-identities-plugin (>=109.v2c51a_117a_7b_4 <=141.vd9ede1e02477) +496 more potentially affected by CVE-2025-27625 via org.jenkins-ci.main:jenkins-core (>=2.0 <=2.492.1)
org.jenkins-ci.main:jenkins-core MAVEN version =2.0, =1.0, =109.v2c51a_117a_7b_4, =1.155.v3d884c1bdee1, =4050.v8ba69b587c39, =4050.v8ba69b587c39, =1.0.5, =2.0.0, =2.0, =1.0.2, =1.0.0, =2.2.0, =2.0.0, =0.1.0, =0.2.0 and more Source cves: CVE-2025-27625 https://vulners.com/cve/CVE-2025-2...
CVE-2025-22212
A SQL injection vulnerability in the Convert Forms component versions 1.0.0-1.0.0 - 4.4.9 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands in the submission management area in backend...