Arm Compiler 5 (AC5), Arm Compiler For Embedded 6 (AC6), Fast Models (FM), Arm Compiler For Embedded FuSA (ACEF), Arm Development Studio (ADS), Arm Forge (AF), Arm Mobile Studio (AMS), DS-5 Development Studio, Fast Models (FM), GNU Toolchain (GT), Keil MDK (KMDK), Mbed Studio (MS) Security Vulnerabilities

CVE-2024-5598 Advanced File Manager <= 5.2.4 - Sensitive Information Exposure via Directory Listing

The Advanced File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.2.4 via the 'fma_local_file_system' function. This makes it possible for unauthenticated attackers to extract sensitive data including backups or other sensitive...

CVE-2024-5598 Advanced File Manager <= 5.2.4 - Sensitive Information Exposure via Directory Listing

The Advanced File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.2.4 via the 'fma_local_file_system' function. This makes it possible for unauthenticated attackers to extract sensitive data including backups or other sensitive...

CVE-2024-6265 UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress <= 1.2.10 - Unauthenticated SQL Injection via 'uwp_sort_by'

The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘uwp_sort_by’ parameter in all versions up to, and including, 1.2.10 due to insufficient escaping on the user supplied....

CVE-2024-5889 Events Manager <= 6.4.8 - Reflected Cross-Site Scripting

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘country’ parameter in all versions up to, and including, 6.4.8 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2024-6265 UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress <= 1.2.10 - Unauthenticated SQL Injection via 'uwp_sort_by'

The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘uwp_sort_by’ parameter in all versions up to, and including, 1.2.10 due to insufficient escaping on the user supplied....

CVE-2024-5889 Events Manager <= 6.4.8 - Reflected Cross-Site Scripting

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘country’ parameter in all versions up to, and including, 6.4.8 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2024-5942 Page and Post Clone <= 6.0 - Insecure Direct Object Reference to Authenticated (Author+) Sensitive Information Exposure

The Page and Post Clone plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.0 via the 'content_clone' function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access....

CVE-2024-5942 Page and Post Clone <= 6.0 - Insecure Direct Object Reference to Authenticated (Author+) Sensitive Information Exposure

The Page and Post Clone plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.0 via the 'content_clone' function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access....

CVE-2024-5192 Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps & One Click Upsells <= 3.3.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload

The Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps & One Click Upsells plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘mimes’ parameter in all versions up to, and including, 3.3.1 due to insufficient...

CVE-2024-5192 Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps & One Click Upsells <= 3.3.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload

The Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps & One Click Upsells plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘mimes’ parameter in all versions up to, and including, 3.3.1 due to insufficient...

CVE-2020-14318 affecting package samba 4.12.5-6

CVE-2020-14318 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-3670 affecting package samba 4.12.5-6

CVE-2021-3670 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-17049 affecting package samba 4.12.5-6

CVE-2020-17049 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-33454 affecting package yasm for versions less than 1.3.0-15

CVE-2021-33454 affecting package yasm for versions less than 1.3.0-15. No patch is available...

CVE-2021-23192 affecting package samba 4.12.5-6

CVE-2021-23192 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-14383 affecting package samba 4.12.5-6

CVE-2020-14383 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-14323 affecting package samba 4.12.5-6

CVE-2020-14323 affecting package samba 4.12.5-6. No patch is available...

CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5

CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5. This CVE either no longer is or was never...

CVE-2021-3738 affecting package samba 4.12.5-6

CVE-2021-3738 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-0336 affecting package samba 4.12.5-6

CVE-2022-0336 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-32744 affecting package samba 4.12.5-6

CVE-2022-32744 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-20316 affecting package samba 4.12.5-6

CVE-2021-20316 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-28506 affecting package giflib 5.2.1-6

CVE-2022-28506 affecting package giflib 5.2.1-6. No patch is available...

CVE-2022-34176 affecting package junit 4.13-5

CVE-2022-34176 affecting package junit 4.13-5. No patch is available...

CVE-2022-28506 affecting package giflib 5.2.1-5

CVE-2022-28506 affecting package giflib 5.2.1-5. This CVE either no longer is or was never...

CVE-2016-2124 affecting package samba 4.12.5-6

CVE-2016-2124 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-25719 affecting package samba 4.12.5-6

CVE-2020-25719 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-43566 affecting package samba 4.12.5-6

CVE-2021-43566 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5

CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5. No patch is available...

CVE-2021-3671 affecting package samba 4.12.5-6

CVE-2021-3671 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-20277 affecting package samba 4.12.5-6

CVE-2021-20277 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-20254 affecting package samba 4.12.5-6

CVE-2021-20254 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-8908 affecting package guava 25.0-5

CVE-2020-8908 affecting package guava 25.0-5. This CVE either no longer is or was never...

CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5

CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5. No patch is available...

CVE-1999-0817 affecting package lynx 2.9.0~dev.9-5

CVE-1999-0817 affecting package lynx 2.9.0~dev.9-5. This CVE either no longer is or was never...

CVE-2021-44141 affecting package samba 4.12.5-6

CVE-2021-44141 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-2031 affecting package samba 4.12.5-6

CVE-2022-2031 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-32746 affecting package samba 4.12.5-6

CVE-2022-32746 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-3716 affecting package nbdkit 1.20.7-5

CVE-2021-3716 affecting package nbdkit 1.20.7-5. This CVE either no longer is or was never...

CVE-2020-25722 affecting package samba 4.12.5-6

CVE-2020-25722 affecting package samba 4.12.5-6. No patch is available...

CVE-2010-4226 affecting package cpio 2.13-5

CVE-2010-4226 affecting package cpio 2.13-5. This CVE either no longer is or was never...

CVE-2022-32742 affecting package samba 4.12.5-6

CVE-2022-32742 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-25718 affecting package samba 4.12.5-6

CVE-2020-25718 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-25717 affecting package samba 4.12.5-6

CVE-2020-25717 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-44142 affecting package samba 4.12.5-6

CVE-2021-44142 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-27840 affecting package samba 4.12.5-6

CVE-2020-27840 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-1472 affecting package samba for versions less than 4.12.5-4

CVE-2020-1472 affecting package samba for versions less than 4.12.5-4. A patched version of the package is...

CVE-2019-25051 affecting package aspell 0.60.8-5

CVE-2019-25051 affecting package aspell 0.60.8-5. This CVE either no longer is or was never...

CVE-2023-48795 affecting package moby-engine for versions less than 20.10.27-1

CVE-2023-48795 affecting package moby-engine for versions less than 20.10.27-1. A patched version of the package is...

CVE-2023-48795 affecting package jsch for versions less than 0.1.55-2

CVE-2023-48795 affecting package jsch for versions less than 0.1.55-2. A patched version of the package is...