AZL-52192 CVE-2024-51744 affecting package influxdb for versions less than 2.7.5-4

golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by...

PT-2023-29347 · Unknown · Byconsole Wooodt Lite

Name of the Vulnerable Software and Affected Versions: ByConsole WooODT Lite – WooCommerce Order Delivery or Pickup with Date Time Location plugin versions = 2.4.6 Description: The issue is an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicio...

AZL-44172 CVE-2015-7747 affecting package audiofile for versions less than 0.3.6-27

Buffer overflow in the afReadFrames function in audiofile aka libaudiofile and Audio File Library allows user-assisted remote attackers to cause a denial of service program crash or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c...