EUVD-2025-24224

Malicious code in bioql PyPI...

CVE-2025-54734

Missing Authorization vulnerability in bPlugins B Slider b-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects B Slider: from n/a through = 1.1.30...

CVE-2025-54734

Missing Authorization vulnerability in bPlugins B Slider b-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects B Slider: from n/a through = 1.1.30...

CVE-2025-54734 WordPress B Slider Plugin <= 1.1.30 - Broken Access Control Vulnerability

Missing Authorization vulnerability in bPlugins B Slider allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects B Slider: from n/a through 1.1.30...

CVE-2025-54734 WordPress B Slider Plugin <= 1.1.30 - Broken Access Control Vulnerability

Missing Authorization vulnerability in bPlugins B Slider b-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects B Slider: from n/a through = 1.1.30...

Linux Distros Unpatched Vulnerability : CVE-2023-22464

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. Th...

CVE-2025-8418

The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Arbitrary Plugin Installation in all versions up to, and including, 1.1.30. This is due to missing capability checks on the activatedplugin function. This makes it possible for authenticated attackers, with...

CVE-2025-8418 B Slider- Gutenberg Slider Block for WP <= 1.1.30 - Authenticated (Subscriber+) Missing Authorization to Arbitrary Plugin Installation

The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Arbitrary Plugin Installation in all versions up to, and including, 1.1.30. This is due to missing capability checks on the activatedplugin function. This makes it possible for authenticated attackers, with...

PT-2025-32631 · WordPress · B Slider- Gutenberg Slider Block

Name of the Vulnerable Software and Affected Versions: B Slider- Gutenberg Slider Block for WP plugin for WordPress versions up to and including 1.1.30 Description: The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to arbitrary plugin installation due to missing...

WordPress plugin LightBox Block 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2023-22464

ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by a...

GHSA-V9MX-4PQQ-H232 Bun has an Application-level Prototype Pollution vulnerability in the runtime native API for Glo

Versions of the package bun before 1.1.30 are vulnerable to Prototype Pollution due to improper input sanitization. An attacker can exploit this vulnerability through Bun's APIs that accept objects...

PT-2024-18959 · Bun · Bun

Name of the Vulnerable Software and Affected Versions: bun versions prior to 1.1.30 Description: The issue is related to Prototype Pollution due to improper input sanitization. An attacker can exploit this vulnerability through Bun's APIs that accept objects. Recommendations: For versions prior t...

Bun 安全漏洞

Bun is a Bun open source all-in-one toolkit for JavaScript and TypeScript applications. A security vulnerability exists in versions of Bun prior to 1.1.30, which stems from improper input cleanup and susceptibility to prototype contamination...

EnGenius EWS356-FIT 安全漏洞

The EnGenius EWS356-FIT is an indoor wireless access point from EnGenius. A security vulnerability exists in the EnGenius EWS356-FIT version 1.1.30 and prior versions. A remote attacker could exploit the vulnerability to execute arbitrary operating system commands via the controller connection...

PT-2024-24330

Name of the Vulnerable Software and Affected Versions EnGenius EWS356-FIR versions 1.1.30 and earlier Description The issue allows a remote attacker to execute arbitrary OS commands via the Controller connectivity parameter. This enables the attacker to gain unauthorized access and control over t...

CVE-2024-36061

EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities...

EnGenius EWS356-FIT 安全漏洞

The EnGenius EWS356-FIT is an indoor wireless access point from EnGenius. A security vulnerability exists in the EnGenius EWS356-FIT version 1.1.30 and earlier. An attacker can exploit the vulnerability to execute arbitrary operating system commands via shell metacharacters to the Ping and Speed...

PT-2024-24329 · Engenius · Engenius Ews356-Fit +1

Name of the Vulnerable Software and Affected Versions: EnGenius EWS356-Fit versions 1.1.30 and earlier EnGenius ESR580 versions 1.1.30 and earlier Description: The issue allows a remote attacker to conduct stored XSS attacks via the Wi-Fi SSID parameters. JavaScript embedded into a vulnerable fie...

EnGenius ESR580 安全漏洞

The EnGenius ESR580 is a series of wireless access points from EnGenius. A security vulnerability exists in the EnGenius ESR580 version 1.1.30 and earlier, which stems from a stored cross-site scripting attack that allows remote attackers to conduct a stored cross-site scripting attack via the...