11 matches found
org.springframework.ai:spring-ai-starter-vector-store-typesense (>=1.1.0 <=1.1.4) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-typesense-store (>=1.1.0-M1 <=1.1.4)
org.springframework.ai:spring-ai-typesense-store MAVEN version =1.1.0-M1, =1.1.0, =1.1.4 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321396...
CVE-2026-1306
The midi-Synth plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type and file extension validation in the 'export' AJAX action in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affecte...
@cubejs-backend/server (>=1.1.0 <=1.4.1), @cubejs-backend/testing-drivers (>=1.1.0 <=1.4.1) potentially affected by CVE-2026-25958 via @cubejs-backend/server-core (>=1.1.0 <=1.4.1)
@cubejs-backend/server-core NPM version =1.1.0, =1.1.0, =1.1.0, =1.4.1 Source cves: CVE-2026-25958 Source advisory: OSV:GHSA-V226-32C7-X2V7...
CVE-2023-30871
Unauth. Reflected Cross-Site Scripting XSS vulnerability in PT Woo Plugins by Webdados Stock Exporter for WooCommerce plugin = 1.1.0 versions...
WordPress plugin WP Odoo Form Integrator 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
ch.artaios:openchemlib-vaadin (>=1.0.0 <=3.0.0), ch.jubnl:vsecureflow (>=0.0.15 <=0.0.16) +653 more potentially affected by CVE-2021-31404 via com.vaadin:flow-server (>=1.1.0 <=2.4.6)
com.vaadin:flow-server MAVEN version =1.1.0, =1.0.0, =0.0.15, =2.1.1, =1.0.0, =1.0.0, =1.0.0, =0.1, =1.0.0, =1.4.0, =0.1.0, =0.2.0 and more Source cves: CVE-2021-31404 Source advisory: OSV:GHSA-XWG3-QRCG-W9X6...
CVE-2019-10070
Apache Atlas versions 0.8.3 and 1.1.0 were found vulnerable to Stored Cross-Site Scripting in the search functionality...
selectize-plugin-a11y cross-site scripting vulnerability
selectize-plugin-a11y is a plugin that sets the Selectize.js accessibile to Combobox. A cross-site scripting vulnerability exists in selectize-plugin-a11y versions prior to 1.1.0, which can be exploited by an attacker to execute client-side code...
cn.home1:oss-configserver (>=1.0.6.OSS <=1.0.7.OSS), cn.home1:spring-cloud-config-monitor (>=0.0.1 <=1.0.1.U1) +166 more potentially affected by CVE-2019-3799 via org.springframework.cloud:spring-cloud-config-server (>=1.1.0.RELEASE <=1.4.5.RELEASE)
org.springframework.cloud:spring-cloud-config-server MAVEN version =1.1.0.RELEASE, =1.0.6.OSS, =0.0.1, =0.0.1, =1.1.0-RELEASE, =1.0.0, =1.0.0, =1.5.0-Beta, =0.8.3, =0.8.3, =0.8.3, =0.8.3, =0.10.0 and more Source cves: CVE-2019-3799 Source advisory: OSV:GHSA-4X49-W62V-76Q7...
PT-2017-6521 · Musl +2 · Musl Libc +2
Name of the Vulnerable Software and Affected Versions: musl libc versions 0.9.15 through 1.0.4 musl libc versions 1.1.0 through 1.1.7 Description: A stack-based buffer overflow issue exists in the inet pton function in musl libc, which could allow attackers to have an unspecified impact. The issu...
PT-2013-4939 · Libvirt · Libvirt
Name of the Vulnerable Software and Affected Versions: libvirt versions 1.1.0 through 1.1.1 Description: The issue allows local users to cause a denial of service, specifically memory consumption, by providing a large number of domain migrate parameters in certain RPC calls. This is related to th...