@adpt/testutils (>=0.1.0-next.1 <=0.4.0-next.6), @lavamoat/git-safe-dependencies (>=0.1.1 <=0.2.1) +6 more potentially affected by CVE-2025-4759 via lockfile-lint-api (>=1.0.7 <=5.9.1)

lockfile-lint-api NPM version =1.0.7, =0.1.0-next.1, =0.1.1, =1.0.0, =4.3.1-test1, =1.3.0, =1.0.1, =4.2.2, =4.3.1, =4.7.0 Source cves: CVE-2025-4759 Source advisory: OSV:GHSA-7CFR-5CJF-32P4...

WordPress SoJ Soundslides plugin <= 1.2.2 - Authenticated (Contributor+) Arbitrary File Upload vulnerability

Authenticated Contributor+ Arbitrary File Upload vulnerability discovered by Hoang Phuc Vo HrxKnight in WordPress Plugin SoJ SoundSlides versions = 1.2.2...

WordPress Code Clone plugin <= 0.9 - Authenticated (Administrator+) SQL Injection via snippetId Parameter vulnerability

Authenticated Administrator+ SQL Injection via snippetId Parameter vulnerability discovered by Hoang Phuc Vo HrxKnight in WordPress Plugin Code Clone versions = 0.9...

WordPress Sensly Online Presence plugin <= 0.6 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Vo Hoang Phuc in WordPress Plugin Sensly Online Presence versions = 0.6...

[SECURITY] Fedora 39 Update: python-astropy-5.3.3-1.fc39

The Astropy project is a common effort to develop a single core package for Astronomy. Major packages such as PyFITS, PyWCS, vo, and asciitable already merged in, and many more components being worked on. In particular, we are developing imaging, photometric, and spectroscopic functionality, as...

Fedora: Security Advisory for voms-clients-java (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

vo-da.ru Cross Site Scripting vulnerability OBB-3712120

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

vo-dao-vietnam.de Cross Site Scripting vulnerability OBB-2807041

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

UBUNTU-CVE-2022-32317

DISPUTED The MPlayer Project v1.5 was discovered to contain a heap use-after-free resulting in a double free in the preinit function at libvo/vov4l2.c. This vulnerability can lead to a Denial of Service DoS via a crafted file. The device=strdup statement is not executed on every call. Note: This...

vo-radio.de Cross Site Scripting vulnerability OBB-1348056

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Weiphp 5.0beta official plugin microvoting frontend Vo***.php page has XSS vulnerability

WeiPHP is an open source WeChat public platform development framework, can easily build a personal WeChat public account operation platform. Weiphp5.0beta official plugin microvoting foreground Vo.php page exists XSS vulnerability. Attackers can use the vulnerability to insert malicious js code t...

vo-radio.ru Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1119560 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...