199 matches found
Astra Linux - уязвимость в libxstream-java
XStream is a Java library for serializing objects to XML and back again. Before version 1.4.16, XStream had a vulnerability that could allow a remote attacker with sufficient rights to execute commands on the host by manipulating the processed input stream. However, no users are affected as long ...
Astra Linux - уязвимость в libxstream-java
XStream is a Java library for serializing objects to XML and back again. In XStream before version 1.4.16, there was a vulnerability where the processed stream at unmarshalling time contained type information that allowed new instances to be created based on those type information. An attacker...
EUVD-2026-31034
The 診断ジェネレータ作成プラグイン Diagnosis Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'js' parameter in versions up to and including 1.4.16. This is due to missing authorization checks and insufficient input sanitization in the themeFunc function. The function is hooke...
WordPress plugin os-diagnosis-generator 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
@alstar/studio (=0.0.0-beta.20), @better-auth/cli (>=0.0.1 <=1.4.1-beta.1) +73 more potentially affected by CVE-2026-45364 via better-auth (>=0.4.10-beta.10 <=1.4.16)
better-auth NPM version =0.4.10-beta.10, =0.0.1, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.26, =1.3.27, =0.18.0, =0.5.2, =1.0.2, =1.0.2, =1.0.2, =1.0.3 and more Source cves: CVE-2026-45364 Source advisory: OSV:GHSA-P6V2-XCPG-H6XW...
Astra Linux - уязвимость в libxstream-java
XStream is a Java library for serializing objects to XML and back again. Before version 1.4.16, XStream had a vulnerability that could allow a remote attacker to allocate 100% of the CPU resources on the target system, depending on the CPU type or the parallel execution of certain payloads. This...
Astra Linux - уязвимость в libxstream-java
XStream is a Java library for serializing objects to XML and back again. In XStream before version 1.4.16, there was a vulnerability that could allow a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. However, users who followed the...
Astra Linux - уязвимость в libxstream-java
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maximum CPU time and will never return. No user is affected, who followed the recommendation to setup...
Astra Linux - уязвимость в libxstream-java
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who follow...
Astra Linux - уязвимость в libxstream-java
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who follow...
Astra Linux - уязвимость в libxstream-java
XStream is a Java library for serializing objects to XML and back again. Before version 1.4.16, XStream had a vulnerability that could allow a remote attacker to request data from internal resources that were not publicly available, by manipulating the processed input stream. No users are affecte...
CVE-2026-28047
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magentech Victo victo allows PHP Local File Inclusion.This issue affects Victo: from n/a through = 1.4.16...
EUVD-2026-9707
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magentech Victo victo allows PHP Local File Inclusion.This issue affects Victo: from n/a through = 1.4.16...
CVE-2026-28047 WordPress Victo theme <= 1.4.16 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magentech Victo victo allows PHP Local File Inclusion.This issue affects Victo: from n/a through = 1.4.16...
CVE-2026-28047
CVE-2026-28047 affects the Victo WordPress theme (Victo
CVE-2026-28047 WordPress Victo theme <= 1.4.16 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magentech Victo victo allows PHP Local File Inclusion.This issue affects Victo: from n/a through = 1.4.16...
PT-2026-23327
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magentech Victo victo allows PHP Local File Inclusion.This issue affects Victo: from n/a through = 1.4.16...
WordPress Victo theme <= 1.4.16 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Victo versions = 1.4.16...
CVE-2025-68002
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in 100plugins Open User Map open-user-map allows Path Traversal.This issue affects Open User Map: from n/a through = 1.4.16...
CVE-2025-68002
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in 100plugins Open User Map open-user-map allows Path Traversal.This issue affects Open User Map: from n/a through = 1.4.16...