371 matches found
Advisory ROSA-SA-2025-2987
software: rlottie 0.2 WASP: ROSA-CHROME unaffected versions = rlottie-0.2-4 affected versions rlottie-0.2-4 CVE-ID: CVE-2025-53074 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: Samsung Open Source rLottie - out-of-bounds read vulnerability allows buffers to overflow. CVE-STATUS: Vulnerability has be...
WordPress plugin Plugin updates blocker 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
CVE-2025-9374
The Ultimate Tag Warrior Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to import tags granted they can...
WordPress Ultimate Tag Warrior Importer plugin <= 0.2 - Cross-Site Request Forgery vulnerability
Cross-Site Request Forgery vulnerability discovered by Nabil Irawan in WordPress Plugin Ultimate Tag Warrior Importer versions = 0.2...
Linux Distros Unpatched Vulnerability : CVE-2025-53076
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability in Samsung Open Source rLottie allows Overread Buffers.This issue affects rLottie: V0.2. CVE-2025-53076 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2021-33896
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal only for creation of new files via URI-encoded path separators. CVE-2021-33896 Note that...
Linux Distros Unpatched Vulnerability : CVE-2017-11654
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read and write flaw was found in the way SIPcrack 0.2 processed SIP traffic, because 0x00 termination of a payload array was mishandled. A remo...
Linux Distros Unpatched Vulnerability : CVE-2013-7401
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The parserequest function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service crash via a URI without a or ? character in an ICAP...
CVE-2025-53219
Cross-Site Request Forgery CSRF vulnerability in pl4g4 WP-Database-Optimizer-Tools wp-database-optimizer-tools allows Cross Site Request Forgery.This issue affects WP-Database-Optimizer-Tools: from n/a through = 0.2...
CVE-2025-53219
CVE-2025-53219 is a CSRF vulnerability in WordPress WP-Database-Optimizer-Tools (versions up to 0.2). The issue allows Cross Site Request Forgery by authenticated users; impact is described as I: LOW, A: LOW, with UI interaction required and network/low complexity. The affected plugin is WP-Datab...
WordPress plugin WP-Database-Optimizer-Tools 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
CVE-2025-8688
The Inline Stock Quotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stock shortcode in all versions up to, and including, 0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2025-8688 Inline Stock Quotes <= 0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via stock Shortcode
The Inline Stock Quotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stock shortcode in all versions up to, and including, 0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2025-8688
CVE-2025-8688 : The WordPress plugin Inline Stock Quotes (versions
PT-2025-32621 · WordPress · Inline Stock Quotes
Name of the Vulnerable Software and Affected Versions: Inline Stock Quotes plugin for WordPress versions up to and including 0.2 Description: The Inline Stock Quotes plugin for WordPress is susceptible to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping on...
Jenkins plugin Kryptowire 安全漏洞
Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...
CVE-2025-53074
Out-of-bounds Read vulnerability in Samsung Open Source rLottie allows Overflow Buffers.This issue affects rLottie: V0.2...
Nokia Single RAN 安全漏洞
Nokia Single RAN is a wireless network technology from Nokia, Finland. A security vulnerability exists in Nokia Single RAN 24R1-SR prior to version 0.2 MP, which stems from improper privilege management and could result in elevated privileges...
UBUNTU-CVE-2025-0634
Use After Free vulnerability in Samsung Open Source rLottie allows Remote Code Inclusion.This issue affects rLottie: V0.2...
CVE-2025-0634
Use After Free vulnerability in Samsung Open Source rLottie allows Remote Code Inclusion.This issue affects rLottie: V0.2...