| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The WP eCommerce WordPress plugin through 3.15.1 does not have CSRF check in place when deleting coupons, which could allow attackers to make a logged in admin remove them via a CSRF attack |
| Inappropriate user token revocation due to a logic error in the token revocation endpoint implementation in Cloudfoundry UAA v77.30.0 to v78.7.0 and in Cloudfoundry Deployment v48.7.0 to v54.10.0. |
| Trivy Vulnerability Scanner is a VS Code extension that helps find vulnerabilities. In Trivy VSCode Extension version 1.8.12, which was distributed via OpenVSX marketplace was compromised and contained malicious code designed to leverage local AI coding agent to collect and exfiltrate sensitive information. Users using the affected artifact are advised to immediately remove it and rotate environment secrets. The malicious artifact has been removed from the marketplace. No other affected artifacts have been identified. |
| CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. Prior to version 47.6.0, a cross-site scripting (XSS) vulnerability has been discovered in the General HTML Support feature. This vulnerability could be triggered by inserting specially crafted markup, leading to unauthorized JavaScript code execution, if the editor instance used an unsafe General HTML Support configuration. This issue has been patched in version 47.6.0. |
| LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB (both sync and async, via aiosqlite). In version 1.0.9 and prior, LangGraph checkpointers can load msgpack-encoded checkpoints that reconstruct Python objects during deserialization. If an attacker can modify checkpoint data in the backing store (for example, after a database compromise or other privileged write access to the persistence layer), they can potentially supply a crafted payload that triggers unsafe object reconstruction when the checkpoint is loaded. No known patch is public. |
| An issue in Aranda Service Desk Web Edition (ASDK API 8.6) allows authenticated attackers to achieve remote code execution due to improper validation of uploaded files. An authenticated user can upload a crafted web.config file by sending a crafted POST request to /ASDKAPI/api/v8.6/item/addfile, which is processed by the ASP.NET runtime. The uploaded configuration file alters the execution context of the upload directory, enabling compilation and execution of attacker-controlled code (e.g., generation of an .aspx webshell). This allows remote command execution on the server without user interaction beyond authentication, impacting both On-Premise and SaaS deployments. |
| Idno is a social publishing platform. Prior to version 1.6.4, there is a remote code execution vulnerability via chained import file write and template path traversal. This issue has been patched in version 1.6.4. |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Kings Plugins B2BKing Premium allows Phishing.This issue affects B2BKing Premium: from n/a before 5.4.20. |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pascal Birchler Preferred Languages allows DOM-Based XSS.This issue affects Preferred Languages: from n/a through 2.2.2. |
| The WooCommerce WordPress plugin from versions 5.4.0 to 10.5.2 does not properly handle batch requests, which could allow unauthenticated users to make a logged in admin call non store/WC REST endpoints, and create arbitrary admin users via a CSRF attack for example. |
| Lemmy, a link aggregator and forum for the fediverse, is vulnerable to server-side request forgery via a dependency on activitypub_federation, a framework for ActivityPub federation in Rust. Prior to version 0.19.16, the GET /api/v4/image/{filename} endpoint is vulnerable to unauthenticated SSRF through parameter injection in the file_type query parameter. An attacker can inject arbitrary query parameters into the internal request to pict-rs, including the proxy parameter which causes pict-rs to fetch arbitrary URLs. This issue has been patched in version 0.19.16. |
| Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. Prior to version 3.0.0, a remote code execution (RCE) flaw was discovered in the locutus project, specifically within the call_user_func_array function implementation. The vulnerability allows an attacker to inject arbitrary JavaScript code into the application's runtime environment. This issue stems from an insecure implementation of the call_user_func_array function (and its wrapper call_user_func), which fails to properly validate all components of a callback array before passing them to eval(). This issue has been patched in version 3.0.0. |
| @hono/node-server allows running the Hono application on Node.js. Prior to version 1.19.10, when using @hono/node-server's static file serving together with route-based middleware protections (e.g. protecting /admin/*), inconsistent URL decoding can allow protected static resources to be accessed without authorization. In particular, paths containing encoded slashes (%2F) may be evaluated differently by routing/middleware matching versus static file path resolution, enabling a bypass where middleware does not run but the static file is still served. This issue has been patched in version 1.19.10. |
| Missing Authorization vulnerability in Rank Math Rank Math SEO PRO allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rank Math SEO PRO: from n/a through 3.0.95. |
| The PowerPack for LearnDash WordPress plugin before 1.3.0 does not have authorization and CRSF checks in an AJAX action, allowing unauthenticated users to update arbitrary WordPress options (such as default_role etc) and create arbitrary admin users |
| Immutable.js provides many Persistent Immutable data structures. Prior to versions 3.8.3, 4.3.7, and 5.1.5, Prototype Pollution is possible in immutable via the mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject() APIs. This issue has been patched in versions 3.8.3, 4.3.7, and 5.1.5. |
| Insertion of Sensitive Information Into Sent Data vulnerability in Joe Dolson My Tickets my-tickets allows Retrieve Embedded Sensitive Data.This issue affects My Tickets: from n/a through <= 2.1.0. |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in designthemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Authentication Abuse.This issue affects WeDesignTech Ultimate Booking Addon: from n/a through <= 1.0.1. |
| Missing Authorization vulnerability in designthemes DesignThemes Booking Manager designthemes-booking-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes Booking Manager: from n/a through <= 2.0. |
| Buffer Overflow Vulnerability in libcdio 2.2.0 (fixed in 2.3.0) allows an attacker to execute arbitrary code via a crafted ISO 9660 image file. |
