132 matches found
MiracleLinux 3 : bzip2-1.0.3-6.AXS3 (AXSA:2010-453:01)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2010-453:01 advisory. bzip2 compresses files using the Burrows-Wheeler block sorting text compression algorithm, and Huffman coding. Compression is generally considerably better th...
CVE-2021-0405
In performance driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID:...
CVE-2023-0405
The GPT AI Power: Content Writer & ChatGPT & Image Generator & WooCommerce Product Writer & AI Training WordPress plugin before 1.4.38 does not perform any kind of nonce or privilege checks before letting logged-in users modify arbitrary posts...
CVE-2020-0405
In NetworkStackNotifier, there is a possible permissions bypass due to an unsafe implicit PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Android ID: A-157475...
CVE-2025-0405
A vulnerability was found in liujianview gymxmjpa 1.0 and classified as critical. This issue affects the function GoodsDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/GoodsController.java. The manipulation of the argument goodsName leads to sql injection. The attack may be...
CVE-2025-0405
creationtimestamp | type | source
---|---|---
2025-01-13 00:35:59+00:00 | seen | https://infosec.exchange/users/cve/statuses/113818242852918178
2025-01-13 01:08:57+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/1345
2025-01-13 01:15:24+00:00 | seen | ...
CVE-2025-0405
CVE-2025-0405 affects liujianview gymxmjpa 1.0. The vulnerability lies in GoodsDaoImpl within GoodsController.java, where manipulation of the goodsName parameter leads to an SQL injection. The issue can be exploited remotely and has had exploits disclosed publicly. Multiple connected sources (Red...
CVE-2025-0405 liujianview gymxmjpa GoodsController.java GoodsDaoImpl sql injection
A vulnerability was found in liujianview gymxmjpa 1.0 and classified as critical. This issue affects the function GoodsDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/GoodsController.java. The manipulation of the argument goodsName leads to sql injection. The attack may be...
openSUSE: Security Advisory for libbpf (SUSE-SU-2023:0405-1)
The remote host is missing an update for the...
CVE-2024-0405
creationtimestamp | type | source
---|---|---
2024-02-06 15:41:59+00:00 | seen | https://t.me/ctinow/180061
...
Malicious code in wlwz-2312-0405 (npm)
Source: ghsa-malware 11d22a58c7c442f5e2ffa63e6a678badd7affe53e18672494ec1378ea4348c13. Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-0405 Burst Statistics Really Simple Plugins <= 1.5.3 - Authenticated (Editor+) SQL Injection
The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin, version 1.5.3, is vulnerable to Post-Authenticated SQL Injection via multiple JSON parameters in the /wp-json/burst/v1/data/compare endpoint. Affected parameters include 'browser', 'device', 'pageid', 'pageurl', 'platform', a...
CVE-2024-0405
The CVE-2024-0405 entry concerns Burst Statistics – Privacy-Friendly Analytics for WordPress (plugin), version 1.5.3, vulnerable to Post-Authenticated SQL Injection via multiple JSON parameters in /wp-json/burst/v1/data/compare (parameters include browser, device, page_id, page_url, platform, ref...
WordPress Burst Statistics Plugin <= 1.5.3 is vulnerable to SQL Injection
Software: Burst Statistics; Type: Plugin; Vulnerable versions: <= 1.5.3; Fixed in: 1.5.4; OWASP Top 10: A1: Injection; Classification: SQL Injection; CVE: CVE-2024-0405; Patch priority: Low; CVSS severity: Low 7.6; PSID: 5b21f7530708; Credits: Ivan Spiridonov xbz0n; Required privilege: Editor...
SUSE: Security Advisory (SUSE-SU-2023:0405-1)
The remote host is missing an update for the...
CVE-2023-0405
creationtimestamp | type | source
---|---|---
2023-02-13 18:36:00+00:00 | seen | https://t.me/cibsecurity/58006
2025-03-21 20:24:59+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/8434
...
CVE-2023-0405 GPT3 AI Content Writer < 1.4.38 - Subscriber+ Arbitrary Post Content Update
The GPT AI Power: Content Writer & ChatGPT & Image Generator & WooCommerce Product Writer & AI Training WordPress plugin before 1.4.38 does not perform any kind of nonce or privilege checks before letting logged-in users modify arbitrary posts...
CVE-2023-0405
The CVE-2023-0405 entry concerns the WordPress plugin “GPT AI Power: Content Writer & ChatGPT & Image Generator & WooCommerce Product Writer & AI Training” (pre-1.4.38). A root cause is that the plugin does not perform nonce or privilege checks, allowing logged-in users (e.g., subscribers) to mod...
WordPress GPT3 AI Content Writer Plugin < 1.4.38 is vulnerable to Content Injection
Software: GPT3 AI Content Writer; Type: Plugin; Vulnerable versions: < 1.4.38; Fixed in: 1.4.38; OWASP Top 10: A1: Injection; Classification: Content Injection; CVE: CVE-2023-0405; Patch priority: Medium; CVSS severity: Medium 6.5; PSID: 868b79c31d14; Credits: Lana Codes; Required privilege...