CVE-2026-6979 devlikeapro WAHA API Request media.controller.ts server-side request forgery

A flaw has been found in devlikeapro WAHA up to 2026.3.4. This affects an unknown function of the file src/api/media.controller.ts of the component API Request Handler. This manipulation causes server-side request forgery. The attack can be initiated remotely. The exploit has been published and m...

CVE-2026-23421

In the Linux kernel, the following vulnerability has been resolved: drm/xe/configfs: Free ctxrestoremidbb in release ctxrestoremidbb memory is allocated in wabbstore, but xeconfigdevicerelease only frees ctxrestorepostbb. Free ctxrestoremidbb0.cs as well to avoid leaking the allocation when the...

EUVD-2022-30281

Malicious code in bioql PyPI...

Malicious code in wa-ret-rop (npm)

The package wa-ret-rop was found to contain malicious code...

MAL-2025-38731 Malicious code in wa-ret-rop (npm)

The package wa-ret-rop was found to contain malicious code...

CVE-2022-25621

UUNIVERGE WA 1020 Ver8.2.11 and prior, UNIVERGE WA 1510 Ver8.2.11 and prior, UNIVERGE WA 1511 Ver8.2.11 and prior, UNIVERGE WA 1512 Ver8.2.11 and prior, UNIVERGE WA 2020 Ver8.2.11 and prior, UNIVERGE WA 2021 Ver8.2.11 and prior, UNIVERGE WA 2610-AP Ver8.2.11 and prior, UNIVERGE WA 2611-AP Ver8.2....

Announcing the BlueHat 2024 Sessions

34 sessions from 54 presenters representing 20 organizations! We are thrilled to reveal the lineup of speakers and presentations for the 23rd BlueHat Security Conference, in Redmond WA from Oct 29-30. This year's conference continues the BlueHat ethos and Secure Future Initiative mission of...

Malicious code in uchiwa (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4b78fb0f3b60891d298b32c03ea935ba7012fa9c434f044309d2107610e14bd2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

RHSA-2018:2616 Red Hat Security Advisory: RHGS WA security, bug fix, and enhancement update

Bulletin has no description...

CVE-2024-31616

An issue discovered in RG-RSR10-01G-TW-S and RG-RSR10-01G-TWA-S routers with firmware version RSR10-01G-T-SRSR3.01B9P2, Release07150910 allows attackers to execute arbitrary code via the commonquickconfig.lua file...

CVE-2024-32394

An issue in ruijie.com/cn RG-RSR10-01G-TWA-S RSR3.01B9P2RSR10-01G-TW-S07150910 and RG-RSR10-01G-TWA-S RSR3.01B9P2RSR10-01G-TW-S07150910 allows a remote attacker to execute arbitrary code via a crafted HTTP request...

CVE-2024-32394

CVE-2024-32394 affects Ruijie RG-RSR10-01G-T(WA)-S devices (RSR 3.0(1)B9P2 and RSR10-01G-TW-S 07150910). The issue permits remote code execution via a crafted HTTP request, with CVSSv3.1 metrics indicating adjacent access, no privileges required, and user interaction not needed; impact is High on...

library.museum.wa.gov.au Cross Site Scripting vulnerability OBB-3900303

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

DEBIAN-CVE-2023-52634

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix disableotgwa logic Why When switching to another HDMI mode, we are unnecesarilly disabling/enabling FIFO causing both HPO and DIG registers to be set at the same time when only HPO is supposed to be set. This...

library.museum.wa.gov.au Cross Site Scripting vulnerability OBB-3889572

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

prosecutions.commerce.wa.gov.au Cross Site Scripting vulnerability OBB-3883176

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

wa-marui.com Improper Access Control vulnerability OBB-3815493

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

library.museum.wa.gov.au Cross Site Scripting vulnerability OBB-3761359

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

hlbinsolvencywa.com.au Cross Site Scripting vulnerability OBB-3701358

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

PT-2023-21277 · L Soft · Listserv

Name of the Vulnerable Software and Affected Versions: L-Soft LISTSERV versions 16.5 through 16.5 Description: The issue allows an attacker to conduct XSS attacks via a crafted URL, specifically exploiting the REPORT parameter in wa.exe. Recommendations: For versions 16.5, update to version 17 or...