20 matches found
EUVD-2026-32974
Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, Nautobot's Webhook data model and associated feature set could be configured by users with sufficient access to perform requests to various hosts and IP addresses that should not be permitted, allowi...
Koa Input Validation Error Vulnerability
Koa.js is an open-source project developed by Koa.js that provides expressive middleware for Node.js. Versions of Koa prior to 3.1.2 and 2.16.4 contained an input validation vulnerability. This vulnerability stemmed from improper parsing of the HTTP Host header, which could lead ...
Linux Distros Unpatched Vulnerability : CVE-2026-27205
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Flask is a web server gateway interface (WSGI) web application framework. In versions 3.1.2 and below, when the session object is accessed, Flask should set the...
CVE-2023-4890
The JQuery Accordion Menu Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'dcwp-jquery-accordion' shortcode in versions up to, and including, 3.1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
EUVD-2024-29842
Malicious code in bioql PyPI...
ChanCMS Access Control Error Vulnerability
ChanCMS is a content management system by yanyutao0402, an individual developer in China. An access control error vulnerability exists in ChanCMS 3.1.2 and earlier versions; it originates from information leakage due to incorrect handling of the parameters accessKey/secretKey in the file...
CVE-2024-31998
Combodo iTop is a simple, web based IT Service Management tool. A CSRF can be performed on CSV import simulation. This issue has been fixed in versions 3.1.2 and 3.2.0. All users are advised to upgrade. There are no known workarounds for this vulnerability...
CVE-2024-31998 CSRF security issue on CSV import in Combodo iTop
Combodo iTop is a simple, web based IT Service Management tool. A CSRF can be performed on CSV import simulation. This issue has been fixed in versions 3.1.2 and 3.2.0. All users are advised to upgrade. There are no known workarounds for this vulnerability...
CVE-2023-26091
The frpformanswers aka Forms Export extension before 3.1.2, and 4.x before 4.0.2, for TYPO3 allows XSS via saved emails...
OpenHarmony Authorization Issue Vulnerability
OpenHarmony is an open-source project for the Hongmeng operating system from China's OpenAtom Foundation. A security vulnerability exists in OpenHarmony-v3.1.2 and earlier versions, which can be exploited by LAN attackers to bypass distributed privilege control...
CVE-2022-36563
Incorrect access control in the install directory C:\RailsInstaller of Rubyinstaller2 v3.1.2 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory...
GlusterFS Denial of Service Vulnerability
Red Hat Gluster is an open source distributed file system from Red Hat. The system is mainly used for media streaming, data analysis and other data- and bandwidth-intensive tasks to create large-scale distributed storage solutions. A denial of service vulnerability exists in Red Hat Gluster...
UBUNTU-CVE-2018-14660
A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode by using setxattr repetitively resulting in memory exhaustion of glusterfs serv...
CVE-2017-17434
The daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, does not check for fnamecmp filenames in the daemon_filter_list data structure in the recv_files function in receiver.c and also does not apply the sanitize_paths protection mechanism to pathnames found in "xname follows" strings in...
CVE-2017-3239
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle GlassFish Server...
Oracle GlassFish Server Remote Security Vulnerability
Oracle GlassFish Server is a solution from the US company Oracle that implements the Java Platform, Java EE 6 specification. The program provides a flexible, lightweight and ready-to-use Java EE 6 application server for developing applications. A remote security vulnerabilit...
Oracle GlassFish Server Remote Security Vulnerability (CNVD-2017-00929)
Oracle GlassFish Server is a solution from the US company Oracle that implements the Java Platform, Java EE 6 specification. The solution provides a flexible, lightweight and ready-to-use Java EE 6 application server for developing applications. A remote security vulnerabili...