16 matches found

vulnersOsv
added 2026/05/28 4:50 p.m. · 3 views

bsign-ui (>=0.0.3 <=0.0.5), gc-nimbus-ui (>=3.0.0 <=3.0.12) potentially affected by CVE-2026-47762 via tinymce (>=8.0.2 <=8.2.2)

tinymce NPM version =8.0.2, =0.0.3, =3.0.0, =3.0.12 Source cves: CVE-2026-47762 Source advisory: SNYK:JS-TINYMCE-17056141...

CVSS 8.7 · AI score 5.4 · EPSS 0.00032
Exploits: 0

CNNVD
added 2026/05/13 12:0 a.m. · 5 views

protobuf.js security vulnerability

protobuf.js is a pure JavaScript implementation of the protobuf.js project, open source. It provides a protocol buffer implementation that supports Node.js and browsers with TypeScript. It’s easy to use, extremely fast, and can be used out of the box through .proto files. Versions prior to 7.5.6 a...

CVSS 5.3 · AI score 5.9 · EPSS 0.00084
Exploits: 0 · References: 1

Positive Technologies
added 2026/05/12 12:0 a.m. · 9 views

PT-2026-40265

Name of the Vulnerable Software and Affected Versions FortiAuthenticator versions 8.0.0 through 8.0.2 FortiAuthenticator versions 6.6.0 through 6.6.8 FortiAuthenticator versions 6.5.0 through 6.5.6 Description An improper access control issue in API endpoints allows an unauthenticated remote...

CVSS 9.8 · AI score 6.2 · EPSS 0.00108
Exploits: 0 · References: 27

vulnersOsv
added 2026/02/26 3:13 a.m. · 5 views

@graphql-mesh/plugin-rate-limit (>=0.2.23 <=1.0.0-alpha-20230524103718-9e72bdbec), @graphql-mesh/plugin-snapshot (>=0.1.24 <=1.0.0-alpha-20230524103718-9e72bdbec) +13 more potentially affected by CVE-2026-27903 via minimatch (>=8.0.2 <=8.0.4)

minimatch NPM version =8.0.2, =0.2.23, =0.1.24, =0.15.24, =2.0.0-beta.0, =0.42.1, =0.42.1, =0.42.1, =0.42.1, =0.42.1, =0.42.1, =0.42.1, =0.42.1, =1.6.0, =1.4.1, =1.4.4 Source cves: CVE-2026-27903 Source advisory: SNYK:JS-MINIMATCH-15353389...

CVSS 7.5 · AI score 7 · EPSS 0.00036
Exploits: 1

vulnersOsv
added 2026/01/22 6:9 p.m. · 3 views

orval (>=8.0.0 <=8.0.2) potentially affected by CVE-2026-24132 via @orval/mock (>=8.0.0-rc.0 <=8.0.2)

@orval/mock NPM version =8.0.0-rc.0, =8.0.0, =8.0.2 Source cves: CVE-2026-24132 Source advisory: OSV:GHSA-F456-RF33-4626...

CVSS 9.8 · AI score 5.8 · EPSS 0.00057
Exploits: 0

Tenable Nessus
added 2025/12/01 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-64333

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 an...

CVSS 7.5 · AI score 5.8 · EPSS 0.00092
Exploits: 0 · References: 3

OSV
added 2025/11/26 11:15 p.m. · 3 views

DEBIAN-CVE-2025-64344

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected wh...

CVSS 7.5 · AI score 5.5 · EPSS 0.00085
Exploits: 0 · References: 1

CVE
added 2025/11/26 11:3 p.m. · 21 views

CVE-2025-64330

CVE-2025-64330 concerns Suricata, a network IDS/IPS engine. Prior to versions 7.0.13 and 8.0.2, a single-byte read heap overflow during verdict logging in eve.alert/eve.drop can cause crashes when the per-packet alert queue is saturated and a pass rule follows. The issue has been patched in 7.0.1...

CVSS 7.5 · AI score 6.6 · EPSS 0.00092
Exploits: 0 · References: 2 · Affected Software: 1

OSV
added 2025/11/26 10:59 p.m. · 2 views

CVE-2025-64332 Suricata is vulnerable to a stack overflow on larger compressed data

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a stack overflow that causes Suricata to crash can occur if SWF decompression is enabled. This issue has been patched in version...

CVSS 7.5 · AI score 6.9 · EPSS 0.00092
Exploits: 0 · References: 4

Positive Technologies
added 2025/11/26 12:0 a.m. · 2 views

PT-2025-48207

Name of the Vulnerable Software and Affected Versions Suricata versions prior to 7.0.13 Suricata versions prior to 8.0.2 Description Suricata is a network IDS, IPS and NSM engine. Processing large buffers in Lua scripts before versions 7.0.13 and 8.0.2 can lead to a stack overflow. Users utilizin...

CVSS 7.5 · AI score 6.7 · EPSS 0.00085
Exploits: 0 · References: 6

Positive Technologies
added 2025/07/19 12:0 a.m. · 2 views

PT-2025-47543

SonicWall SonicOS and Affected Versions SonicWall versions prior to 7.3.1-7013 SonicWall versions prior to 8.0.3-8011 SonicWall versions 7.3.0-7012 and older SonicWall versions 8.0.2-8011 and older Description A stack-based buffer overflow vulnerability exists in the SonicOS SSLVPN service. This...

CVSS 7.8 · AI score 7.8 · EPSS 0.00045
Exploits: 0 · References: 30

Cvelist
added 2022/12/15 3:44 a.m. · 22 views

CVE-2022-41563 TIBCO JasperReports Server Stored XSS Vulnerability

The Dashboard component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for Microsoft Azure,...

CVSS 9 · AI score 8.5 · EPSS 0.0046
Exploits: 0 · References: 2

ATTACKERKB
added 2022/01/28 5:15 p.m. · 3 views

CVE-2021-45899

SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows PHAR deserialization that can lead to remote code execution...

CVSS 9.8 · AI score 6 · EPSS 0.03201
Exploits: 0 · References: 3

Positive Technologies
added 2020/05/04 12:0 a.m. · 3 views

PT-2020-12283 · Red Hat · Keycloak

Name of the Vulnerable Software and Affected Versions: Keycloak versions 8.0.2 through 9.0.0 Description: A flaw was found where a malicious user can register as oneself and then use the "remove devices" form to post different credential IDs with the hope of removing MFA devices for other users...

CVSS 6.5 · AI score 4.7 · EPSS 0.00238
Exploits: 0 · References: 8

OSV
added 2019/05/03 8:29 p.m. · 5 views

CVE-2019-3400

The labels gadget in Jira before version 7.13.2, and from version 8.0.0 before version 8.0.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the jql parameter...

CVSS 6.1 · AI score 5.4
Exploits: 0 · References: 2

Japan Vulnerability Notes
added 2017/10/17 7:58 a.m. · 2 views

Multiple Vulnerabilities in Hitachi Infrastructure Analytics Advisor

Overview Multiple vulnerabilities have been found in Hitachi Infrastructure Analytics Advisor. Cross-site Scripting Access Control For Access Control, Hitachi Data Center Analytics v8.0.0, v8.0.2, v8.1.0, and v8.1.3 will be affected. Impact Regarding the impact of the vulnerability, please refer ...

CVSS 7.5 · AI score 6.6
Exploits: 0 · References: 3