Robuta

https://www.netgear.com/sg/about/security/kb/netgear-product-vulnerability-advisory-readyshare/
NETGEAR Product Vulnerability Advisory_ ReadySHARE | kb | Security Advisory | About Us | NETGEAR

https://advisories.gitlab.com/nuget/microsoft.netcore.app.runtime.mono.llvm.linux-x64/CVE-2021-34485/
.NET Core Information Disclosure Vulnerability | GitLab Advisory Database (GLAD)
CVE-2021-34485 .NET Core Information Disclosure Vulnerability: .NET Core and Visual Studio Information Disclosure Vulnerability

https://advisories.gitlab.com/nuget/microsoft.aspnetcore.app.runtime.linux-x64/CVE-2022-34716/
.NET Information Disclosure Vulnerability | GitLab Advisory Database (GLAD)
CVE-2022-34716 .NET Information Disclosure Vulnerability: .NET Spoofing Vulnerability.

https://advisories.mageia.org/MGASA-2026-0042.html
Mageia Advisory: MGASA-2026-0042 - Updated vim packages fix security vulnerability

https://advisories.gitlab.com/nuget/microsoft.netcore.app.runtime.osx-x64/CVE-2024-38167/
Microsoft Security Advisory CVE-2024-38167 | .NET Information Disclosure Vulnerability | GitLab...
CVE-2024-38167 Microsoft Security Advisory CVE-2024-38167 | .NET Information Disclosure Vulnerability: Microsoft is releasing this security advisory to provide...

https://advisories.gitlab.com/composer/moodle/moodle/CVE-2023-28330/
Moodle arbitrary file read vulnerability | GitLab Advisory Database (GLAD)
CVE-2023-28330 Moodle arbitrary file read vulnerability: Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access...

https://advisories.gitlab.com/pypi/refuel-autolabel/CVE-2024-27321/
Refuel Autolab Eval Injection vulnerability | GitLab Advisory Database (GLAD)
CVE-2024-27321 Refuel Autolab Eval Injection vulnerability: An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel...

https://www.fsisac.com/knowledge/sector-risk-advisory-preparing-the-enterprise-for-ai-enabled-vulnerability-discovery
Sector Risk Advisory: Preparing the Enterprise for AI-Enabled Vulnerability Discovery | FS-ISAC
Apr 19, 2026 - FS-ISAC releases a sector risk advisory to help financial institutions take practical steps inside their own enterprise environments as AI-enabled...

https://advisories.gitlab.com/composer/drupal/drupal/GHSA-wxfg-253g-m7r4/
Drupal core Open Redirect vulnerability | GitLab Advisory Database (GLAD)
GHSA-wxfg-253g-m7r4 Drupal core Open Redirect vulnerability: Drupal 7 has an Open Redirect vulnerability. For example, a user could be tricked into visiting a...

https://advisories.gitlab.com/maven/org.apache.tomcat/tomcat-tribes/CVE-2026-24880/
Apache Tomcat has an HTTP Request/Response Smuggling vulnerability | GitLab Advisory Database (GLAD)
CVE-2026-24880 Apache Tomcat has an HTTP Request/Response Smuggling vulnerability: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response...

https://www.huawei.com/en/psirt/security-advisories/2016/huawei-sa-20161026-01-pxn-en
Security Advisory - PXN Defense Mechanism Failure Vulnerability in Huawei Mobile Phones

https://advisories.gitlab.com/nuget/oqtane.framework/CVE-2024-55470/
Oqtane Framework Incorrect Access Control vulnerability | GitLab Advisory Database (GLAD)
CVE-2024-55470 Oqtane Framework Incorrect Access Control vulnerability: Oqtane Framework 6.0.0 is vulnerable to Incorrect Access Control. By manipulating the...

https://advisories.gitlab.com/nuget/magick.net-q16-anycpu/CVE-2026-24485/
ImageMagick: Infinite loop vulnerability when parsing a PCD file | GitLab Advisory Database (GLAD)
CVE-2026-24485 ImageMagick: Infinite loop vulnerability when parsing a PCD file: When a PCD file does not contain a valid marker, the DecodeImage() function...

https://advisories.gitlab.com/gem/activesupport/GMS-2023-765/
Possible XSS Security Vulnerability in SafeBuffer#bytesplice | GitLab Advisory Database (GLAD)
GMS-2023-765 Possible XSS Security Vulnerability in SafeBuffer#bytesplice: There is a vulnerability in ActiveSupport if the new bytesplice method is called on...

https://advisories.gitlab.com/composer/magento/community-edition/CVE-2025-24415/
Magento Stored Cross-Site Scripting (XSS) Vulnerability | GitLab Advisory Database (GLAD)
CVE-2025-24415 Magento Stored Cross-Site Scripting (XSS) Vulnerability: Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and...

https://advisories.gitlab.com/nuget/microsoft.netcore.app.runtime.linux-musl-x64/CVE-2024-21392/
Microsoft Security Advisory CVE-2024-21392: .NET Denial of Service Vulnerability | GitLab Advisory...
CVE-2024-21392 Microsoft Security Advisory CVE-2024-21392: .NET Denial of Service Vulnerability: Microsoft Security Advisory CVE-2024-21392: .NET Denial of...

https://advisories.gitlab.com/maven/org.nutz/nutzboot-parent/CVE-2025-13806/
NutzBoot Incorrect Privilege Assignment vulnerability | GitLab Advisory Database (GLAD)
CVE-2025-13806 NutzBoot Incorrect Privilege Assignment vulnerability: A security vulnerability has been detected in nutzam NutzBoot up to 2.6.0-SNAPSHOT. This...

https://advisories.gitlab.com/golang/github.com/forceu/gokapi/CVE-2025-48495/
Gokapi has stored XSS vulnerability in friendly name for API keys | GitLab Advisory Database (GLAD)
CVE-2025-48495 Gokapi has stored XSS vulnerability in friendly name for API keys: By renaming the friendly name of an API key, an authenticated user could...

https://advisories.gitlab.com/golang/github.com/robotsandpencils/go-saml/CVE-2023-48703/
RobotsAndPencils go-saml authentication bypass vulnerability | GitLab Advisory Database (GLAD)
CVE-2023-48703 RobotsAndPencils go-saml authentication bypass vulnerability: RobotsAndPencils go-saml, a SAML client library written in Go, contains an...

https://advisories.gitlab.com/golang/github.com/grafana/grafana/CVE-2025-41115/
Grafana Incorrect Privilege Assignment vulnerability | GitLab Advisory Database (GLAD)
CVE-2025-41115 Grafana Incorrect Privilege Assignment vulnerability: SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to...

https://advisories.gitlab.com/npm/@angular/compiler/CVE-2025-66412/
Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes | GitLab Advisory...
CVE-2025-66412 Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes: A Stored Cross-Site Scripting (XSS) vulnerability has been...

https://advisories.gitlab.com/nuget/microsoft.netcore.app.runtime.linux-musl-arm/CVE-2025-55248/
Microsoft Security Advisory CVE-2025-55248: .NET Information Disclosure Vulnerability | GitLab...
CVE-2025-55248 Microsoft Security Advisory CVE-2025-55248: .NET Information Disclosure Vulnerability: Microsoft is releasing this security advisory to provide...

https://advisories.gitlab.com/maven/org.apache.nifi/nifi-hbase_2-client-service/CVE-2023-36542/
Apache NiFi Code Injection vulnerability | GitLab Advisory Database (GLAD)
CVE-2023-36542 Apache NiFi Code Injection vulnerability: Apache NiFi 0.0.2 through 1.22.0 include Processors and Controller Services that support HTTP URL...

https://advisories.gitlab.com/nuget/microsoft.aspnetcore.app.runtime.win-arm64/CVE-2025-55315/
Microsoft Security Advisory CVE-2025-55315: .NET Security Feature Bypass Vulnerability | GitLab...
CVE-2025-55315 Microsoft Security Advisory CVE-2025-55315: .NET Security Feature Bypass Vulnerability: Microsoft is releasing this security advisory to provide...

https://rewterz.com/rewterz-news/rewterz-threat-advisory-ics-schneider-electric-igss-update-service-vulnerability
Rewterz Threat Advisory - ICS: Schneider Electric IGSS Update Service Vulnerability - Rewterz
Oct 18, 2023 - The SIRP SOAR platform makes it easy for security teams to quickly realize value through our free integrations and automation playbooks that let you take your

https://www.circl.lu/projects/CIRCLean/security/advisory-01/
CIRCL » CIRCLean - security advisory 01 - polyglot file vulnerability - CVE-2015-4096
CIRCLean - security advisory 01 - polyglot file vulnerability - CVE-2015-4096

https://advisories.gitlab.com/pypi/jupyter-server/CVE-2023-39968/
Open Redirect Vulnerability in jupyter-server | GitLab Advisory Database (GLAD)
CVE-2023-39968 Open Redirect Vulnerability in jupyter-server: Open Redirect Vulnerability. Maliciously crafted login links to known Jupyter Servers can cause...

https://advisories.mageia.org/MGASA-2021-0375.html
Mageia Advisory: MGASA-2021-0375 - Updated perl-Net-Netmask package fixes a security vulnerability

https://advisories.gitlab.com/maven/org.jenkins-ci.main/jenkins-core/CVE-2025-27624/
Jenkins cross-site request forgery (CSRF) vulnerability | GitLab Advisory Database (GLAD)
CVE-2025-27624 Jenkins cross-site request forgery (CSRF) vulnerability: Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not require POST requests for...

https://advisories.gitlab.com/pypi/pywasm3/CVE-2024-27529/
wasm3 uncontrolled memory allocation vulnerability | GitLab Advisory Database (GLAD)
CVE-2024-27529 wasm3 uncontrolled memory allocation vulnerability: wasm3 at commit 139076a contains a memory leak in the Read_utf8 function.

https://advisories.gitlab.com/npm/electerm/GHSA-wxw2-rwmh-vr8f/
electerm: electerm_install_script_CommandInjection Vulnerability Report | GitLab Advisory Database...
GHSA-wxw2-rwmh-vr8f electerm: electerm_install_script_CommandInjection Vulnerability Report: What kind of vulnerability is it? Who is impacted? Two Command...

https://advisories.gitlab.com/nuget/microsoft.aspnetcore.app.runtime.win-arm64/CVE-2026-26130/
.NET Denial of Service Vulnerability | GitLab Advisory Database (GLAD)
CVE-2026-26130 .NET Denial of Service Vulnerability: Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0,...

https://advisories.gitlab.com/composer/magento/core/CVE-2020-9578/
Magento command injection vulnerability | GitLab Advisory Database (GLAD)
CVE-2020-9578 Magento command injection vulnerability: Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and...

https://advisories.gitlab.com/gem/stringio/CVE-2024-27280/
StringIO buffer overread vulnerability | GitLab Advisory Database (GLAD)
CVE-2024-27280 StringIO buffer overread vulnerability: An issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through...

https://advisories.gitlab.com/composer/magento/community-edition/CVE-2024-45125/
Magento Open Source Incorrect Authorization vulnerability | GitLab Advisory Database (GLAD)
CVE-2024-45125 Magento Open Source Incorrect Authorization vulnerability: Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are...

https://advisories.gitlab.com/pypi/rucio-webui/CVE-2026-25136/
Rucio WebUI has a Reflected Cross-site Scripting Vulnerability | GitLab Advisory Database (GLAD)
CVE-2026-25136 Rucio WebUI has a Reflected Cross-site Scripting Vulnerability: A reflected Cross-site Scripting vulnerability was located in the rendering of...

https://www.intersystems.com/cz/product-alerts-advisories/advisory-cross-site-scripting-vulnerability-in-healthshare-patient-index/
Advisory: Cross-site Scripting Vulnerability in HealthShare Patient Index | InterSystems
Oct 10, 2022 - This issue affects HealthShare Patient Index versions 13, 14, 15.032, 2018.1, 2019.1, 2020.1 and 2020.2 and 2021.1.

https://advisories.gitlab.com/nuget/microsoft.aspnetcore.app.runtime.win-x64/CVE-2025-24070/
Microsoft Security Advisory CVE-2025-24070: .NET Elevation of Privilege Vulnerability | GitLab...
CVE-2025-24070 Microsoft Security Advisory CVE-2025-24070: .NET Elevation of Privilege Vulnerability: Microsoft is releasing this security advisory to provide...

https://advisories.gitlab.com/pypi/agentscope/CVE-2024-8524/
AgentScope directory traversal vulnerability in /read-examples | GitLab Advisory Database (GLAD)
CVE-2024-8524 AgentScope directory traversal vulnerability in /read-examples: A directory traversal vulnerability exists in modelscope/agentscope version...

https://advisories.gitlab.com/maven/tech.kwik/kwik/CVE-2025-23020/
Kwik hash collision vulnerability | GitLab Advisory Database (GLAD)
CVE-2025-23020 Kwik hash collision vulnerability: An issue was discovered in Kwik before 0.10.1. A hash collision vulnerability (in the hash table used to...

https://support.omadanetworks.com/us/document/118794/
Security Advisory on Input Validation Vulnerability on Multiple Omada Switches (CVE-2026-1668) |...

https://advisories.gitlab.com/composer/ezsystems/ezplatform-user/GHSA-hfpp-2vhw-qq43/
eZ Platform Admin UI Password reset vulnerability | GitLab Advisory Database (GLAD)
GHSA-hfpp-2vhw-qq43 eZ Platform Admin UI Password reset vulnerability: his Security Update fixes a severe vulnerability in the eZ Platform Admin UI, and we...

https://www.fox-it.com/nl-en/technical-advisory-reflected-cross-site-scripting-xss-vulnerability-in-jenkins-delivery-pipeline-plugin/
Technical Advisory: Reflected Cross-Site Scripting (XSS) vulnerability in Jenkins Delivery Pipeline...

https://advisories.gitlab.com/npm/microlight/CVE-2025-45525/
Withdrawn Advisory: microlight.js has a null pointer dereference vulnerability | GitLab Advisory...
CVE-2025-45525 Withdrawn Advisory: microlight.js has a null pointer dereference vulnerability: Withdrawn Advisory This advisory has been withdrawn because a...

https://advisories.gitlab.com/swift/github.com/ibireme/yyjson/CVE-2024-25713/
yyjson has a Double Free vulnerability | GitLab Advisory Database (GLAD)
CVE-2024-25713 yyjson has a Double Free vulnerability: The pool series allocator (pool_malloc/pool_free/pool_realloc) by yysjon has a Double Free...

https://advisories.gitlab.com/composer/aimeos/aimeos-core/CVE-2024-36811/
aimeos-core arbitrary file uopload vulnerability | GitLab Advisory Database (GLAD)
CVE-2024-36811 aimeos-core arbitrary file uopload vulnerability: An arbitrary file upload vulnerability in the image upload function of aimeos-core v2024.04...

https://advisories.gitlab.com/composer/magento/project-community-edition/CVE-2025-24428/
Magento stored Cross-Site Scripting (XSS) vulnerability | GitLab Advisory Database (GLAD)
CVE-2025-24428 Magento stored Cross-Site Scripting (XSS) vulnerability: Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and...

https://advisories.gitlab.com/pypi/ethyca-fides/CVE-2023-46124/
Fides Server-Side Request Forgery Vulnerability in Custom Integration Upload | GitLab Advisory...
CVE-2023-46124 Fides Server-Side Request Forgery Vulnerability in Custom Integration Upload: Impact The Fides web application allows a custom integration to be...

https://advisories.gitlab.com/maven/ca.uhn.hapi.fhir/org.hl7.fhir.r4b/CVE-2024-45294/
XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` | GitLab Advisory Database (GLAD)
CVE-2024-45294 XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`: XSLT transforms performed by various components are vulnerable to XML external...

https://advisories.gitlab.com/pypi/nltk/CVE-2025-14009/
NLTK has a Zip Slip Vulnerability | GitLab Advisory Database (GLAD)
CVE-2025-14009 NLTK has a Zip Slip Vulnerability: A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all versions. The...

https://advisories.gitlab.com/npm/flowise/CVE-2025-26319/
FlowiseAI Flowise arbitrary file upload vulnerability | GitLab Advisory Database (GLAD)
CVE-2025-26319 FlowiseAI Flowise arbitrary file upload vulnerability: FlowiseAI Flowise v2.2.6 was discovered to contain an arbitrary file upload vulnerability...

https://advisories.gitlab.com/maven/com.liferay.portal/release.portal.bom/CVE-2025-3760/
Liferay Cross-site Scripting vulnerability | GitLab Advisory Database (GLAD)
CVE-2025-3760 Liferay Cross-site Scripting vulnerability: A stored cross-site scripting (XSS) vulnerability exists with radio button type custom fields in...

https://advisories.gitlab.com/golang/github.com/mattermost/mattermost-server/v6/CVE-2023-5195/
Mattermost Incorrect Authorization vulnerability | GitLab Advisory Database (GLAD)
CVE-2023-5195 Mattermost Incorrect Authorization vulnerability: Mattermost fails to properly validate the permissions when soft deleting a team allowing a team...

https://advisories.gitlab.com/pypi/borgbackup/CVE-2023-36811/
Archive spoofing vulnerability in borgbackup | GitLab Advisory Database (GLAD)
CVE-2023-36811 Archive spoofing vulnerability in borgbackup: A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake...

https://advisories.gitlab.com/maven/org.apache.tomcat/tomcat-websocket/CVE-2024-23672/
Denial of Service via incomplete cleanup vulnerability in Apache Tomcat | GitLab Advisory Database...
CVE-2024-23672 Denial of Service via incomplete cleanup vulnerability in Apache Tomcat: Denial of Service via incomplete cleanup vulnerability in Apache...

https://advisories.gitlab.com/pypi/apache-superset/CVE-2022-43721/
Apache Superset Open Redirect vulnerability | GitLab Advisory Database (GLAD)
CVE-2022-43721 Apache Superset Open Redirect vulnerability: An authenticated attacker with update datasets permission could change a dataset link to an...

https://advisories.gitlab.com/golang/github.com/whyrusleeping/tar-utils/CVE-2020-36566/
tar-utils Path Traversal vulnerability | GitLab Advisory Database (GLAD)
CVE-2020-36566 tar-utils Path Traversal vulnerability: Due to improper path santization, archives containing relative file paths can cause files to be written...

https://advisories.gitlab.com/composer/mantisbt/mantisbt/CVE-2018-16514/
MantisBT cross-site scripting (XSS) vulnerability through crafted PATH_INFO | GitLab Advisory...
CVE-2018-16514 MantisBT cross-site scripting (XSS) vulnerability through crafted PATH_INFO: A cross-site scripting (XSS) vulnerability in the View Filters page...

https://advisories.mageia.org/MGASA-2022-0407.html
Mageia Advisory: MGASA-2022-0407 - Updated wkhtmltopdf packages fix security vulnerability

https://advisories.gitlab.com/maven/org.apache.accumulo/accumulo-shell/CVE-2023-34340/
Apache Accumulo Improper Authentication vulnerability | GitLab Advisory Database (GLAD)
CVE-2023-34340 Apache Accumulo Improper Authentication vulnerability: Improper Authentication vulnerability in Apache Software Foundation Apache Accumulo. This...

https://advisories.gitlab.com/maven/org.apache.jspwiki/jspwiki-main/CVE-2025-24854/
Apache JSPWiki Cross-Site Scripting (XSS) Vulnerability in the Image Plugin | GitLab Advisory...
CVE-2025-24854 Apache JSPWiki Cross-Site Scripting (XSS) Vulnerability in the Image Plugin: A carefully crafted request using the Image plugin could trigger an...

https://advisories.gitlab.com/maven/io.digdag/digdag-server/CVE-2024-25125/
Absolute path traversal vulnerability in digdag server | GitLab Advisory Database (GLAD)
CVE-2024-25125 Absolute path traversal vulnerability in digdag server: Treasure Data's digdag workload automation system is susceptible to a path traversal...

https://advisories.gitlab.com/composer/bagisto/bagisto/CVE-2023-36237/
Bagisto Cross-Site Request Forgery vulnerability | GitLab Advisory Database (GLAD)
CVE-2023-36237 Bagisto Cross-Site Request Forgery vulnerability: Cross Site Request Forgery vulnerability in Bagisto before v.1.3.2 allows an attacker to...

https://advisories.gitlab.com/pypi/composio-openai/CVE-2024-53526/
Composio Command Execution vulnerability | GitLab Advisory Database (GLAD)

https://advisories.gitlab.com/nuget/microsoft.netcore.app.runtime.osx-arm64/CVE-2025-55248/
Microsoft Security Advisory CVE-2025-55248: .NET Information Disclosure Vulnerability | GitLab...
CVE-2025-55248 Microsoft Security Advisory CVE-2025-55248: .NET Information Disclosure Vulnerability: Microsoft is releasing this security advisory to provide...

https://advisories.gitlab.com/composer/magento/community-edition/CVE-2021-36029/
Magento improper authorization vulnerability | GitLab Advisory Database (GLAD)
CVE-2021-36029 Magento improper authorization vulnerability: Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...

https://advisories.gitlab.com/pypi/pydash/CVE-2023-26145/
pydash Command Injection vulnerability | GitLab Advisory Database (GLAD)
CVE-2023-26145 pydash Command Injection vulnerability: This affects versions of the package pydash before 6.0.0. A number of pydash methods such as...

https://advisories.gitlab.com/composer/magento/community-edition/CVE-2024-45149/
Magento Open Source Improper Access Control vulnerability | GitLab Advisory Database (GLAD)
CVE-2024-45149 Magento Open Source Improper Access Control vulnerability: Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are...

https://advisories.gitlab.com/pypi/mindsdb/CVE-2024-45852/
MindsDB Deserialization of Untrusted Data vulnerability | GitLab Advisory Database (GLAD)
CVE-2024-45852 MindsDB Deserialization of Untrusted Data vulnerability: Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the...

https://advisories.gitlab.com/pypi/keras/CVE-2025-1550/
Keras arbitrary code execution vulnerability | GitLab Advisory Database (GLAD)
CVE-2025-1550 Keras arbitrary code execution vulnerability: The Keras Model.load_model function permits arbitrary code execution, even with safe_mode=True,...

https://advisories.gitlab.com/pypi/copyparty/CVE-2025-54423/
copyparty has DOM-Based XSS vulnerability when displaying multimedia metadata | GitLab Advisory...
CVE-2025-54423 copyparty has DOM-Based XSS vulnerability when displaying multimedia metadata: An unauthenticated attacker is able to execute arbitrary...

https://advisories.gitlab.com/golang/github.com/ntbosscher/gobase/GHSA-4348-x292-h437/
Duplicate Advisory: GoBase Race Condition vulnerability | GitLab Advisory Database (GLAD)
GHSA-4348-x292-h437 Duplicate Advisory: GoBase Race Condition vulnerability: Duplicate Advisory This advisory has been withdrawn because it is a duplicate of...

https://advisories.gitlab.com/composer/magento/community-edition/CVE-2025-24438/
Magento stored Cross-Site Scripting (XSS) vulnerability | GitLab Advisory Database (GLAD)
CVE-2025-24438 Magento stored Cross-Site Scripting (XSS) vulnerability: Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and...

https://advisories.gitlab.com/nuget/magick.net-q16-openmp-x86/CVE-2026-24485/
ImageMagick: Infinite loop vulnerability when parsing a PCD file | GitLab Advisory Database (GLAD)
CVE-2026-24485 ImageMagick: Infinite loop vulnerability when parsing a PCD file: When a PCD file does not contain a valid marker, the DecodeImage() function...

https://smartermsp.com/cybersecurity-threat-advisory-critical-github-vulnerability/
Cybersecurity Threat Advisory: Critical GitHub vulnerability
May 5, 2026 - Researchers have recently disclosed details of a critical vulnerability affecting GitHub and GitHub Enterprise Server. Read it now to learn more.

https://advisories.gitlab.com/nuget/nuget.commandline/CVE-2023-29337/
NuGet Client Remote Code Execution Vulnerability | GitLab Advisory Database (GLAD)
CVE-2023-29337 NuGet Client Remote Code Execution Vulnerability: NuGet Client Remote Code Execution Vulnerability

https://advisories.gitlab.com/maven/org.keycloak/keycloak-services/CVE-2024-1132/
Keycloak path transversal vulnerability in redirection validation | GitLab Advisory Database (GLAD)
CVE-2024-1132 Keycloak path transversal vulnerability in redirection validation: A flaw was found in Keycloak, where it does not properly validate URLs...

https://advisories.gitlab.com/maven/org.keycloak/keycloak-services/GHSA-j76j-rqwj-jmvv/
Duplicate Advisory: Keycloak Session Fixation vulnerability | GitLab Advisory Database (GLAD)
GHSA-j76j-rqwj-jmvv Duplicate Advisory: Keycloak Session Fixation vulnerability: Duplicate Advisory This advisory has been withdrawn because it is a duplicate...

https://advisories.gitlab.com/maven/org.xwiki.platform/xwiki-platform-wysiwyg-api/CVE-2025-32970/
org.xwiki.platform:xwiki-platform-wysiwyg-api Open Redirect vulnerability | GitLab Advisory...
CVE-2025-32970 org.xwiki.platform:xwiki-platform-wysiwyg-api Open Redirect vulnerability: An open redirect vulnerability in the HTML conversion request filter...

https://advisories.mageia.org/MGASA-2021-0212.html
Mageia Advisory: MGASA-2021-0212 - Updated avahi packages fix a security vulnerability

https://advisories.gitlab.com/nuget/microsoft.netcore.app.runtime.linux-x64/CVE-2025-30399/
Microsoft Security Advisory CVE-2025-30399 | .NET Remote Code Vulnerability | GitLab Advisory...
CVE-2025-30399 Microsoft Security Advisory CVE-2025-30399 | .NET Remote Code Vulnerability: Microsoft is releasing this security advisory to provide...

https://advisories.gitlab.com/nuget/microsoft.aspnetcore.server.kestrel.core/CVE-2021-1723/
ASP.NET Core and Visual Studio Denial of Service Vulnerability | GitLab Advisory Database (GLAD)
CVE-2021-1723 ASP.NET Core and Visual Studio Denial of Service Vulnerability: A denial-of-service vulnerability exists in the way Kestrel parses HTTP/2...

https://advisories.gitlab.com/golang/golang.org/x/net/CVE-2022-27664/
golang.org/x/net/http2 Denial of Service vulnerability | GitLab Advisory Database (GLAD)
CVE-2022-27664 golang.org/x/net/http2 Denial of Service vulnerability: In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial...

https://advisories.gitlab.com/golang/github.com/mattermost/mattermost-server/CVE-2025-9076/
Mattermost Missing Authorization vulnerability | GitLab Advisory Database (GLAD)

https://advisories.gitlab.com/composer/mediawiki/core/CVE-2019-12472/
MediaWiki Incorrect Access Control vulnerability | GitLab Advisory Database (GLAD)
CVE-2019-12472 MediaWiki Incorrect Access Control vulnerability: An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.18.0 through...

https://advisories.gitlab.com/pypi/apache-airflow/CVE-2023-40611/
Apache Airflow Incorrect Authorization vulnerability | GitLab Advisory Database (GLAD)
CVE-2023-40611 Apache Airflow Incorrect Authorization vulnerability: Apache Airflow, versions before 2.7.1, is affected by a vulnerability that allows...

https://advisories.gitlab.com/pypi/letta/CVE-2024-39025/
Letta (previously MemGPT) incorrect access control vulnerability | GitLab Advisory Database (GLAD)
CVE-2024-39025 Letta (previously MemGPT) incorrect access control vulnerability: Incorrect access control in the /users endpoint of Cpacker MemGPT v0.3.17...

https://advisories.gitlab.com/maven/org.apache.ranger/ranger-plugins-common/CVE-2025-59059/
Apache Ranger has a Code Injection vulnerability | GitLab Advisory Database (GLAD)
CVE-2025-59059 Apache Ranger has a Code Injection vulnerability: Remote Code Execution Vulnerability in NashornScriptEngineCreator is reported in Apache Ranger...

https://smartermsp.com/cybersecurity-threat-advisory-cisco-asa-zero-day-vulnerability/
Cybersecurity Threat Advisory: Cisco ASA zero-day vulnerability
Sep 26, 2025 - Two Cisco zero-day vulnerabilities are actively being exploited by threat actors. Find out how to protect your environment in this Cybersecurity Threat...

https://advisories.gitlab.com/pypi/fastmcp/CVE-2026-32871/
FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability | GitLab Advisory Database...

https://advisories.gitlab.com/maven/org.apache.kafka/kafka_2.11/CVE-2025-27819/
Apache Kafka Deserialization of Untrusted Data vulnerability | GitLab Advisory Database (GLAD)
CVE-2025-27819 Apache Kafka Deserialization of Untrusted Data vulnerability: In CVE-2023-25194, we announced the RCE/Denial of service attack via SASL JAAS...

https://www.ox.security/blog/mcp-supply-chain-advisory-rce-vulnerabilities-across-the-ai-ecosystem/
MCP STDIO Command Injection: Full Vulnerability Advisory
OX Security's full disclosure advisory for command injection vulnerabilities in MCP STDIO configurations, covering 10 CVEs

https://advisories.gitlab.com/golang/github.com/mattermost/mattermost/server/v8/CVE-2024-54682/
Mattermost Data Amplification vulnerability | GitLab Advisory Database (GLAD)