CVE-2025-10869

creationtimestamp| type| source ---|---|--- 2025-10-15 13:19:48+00:00| seen| Telegram/CRPWb5f685CIjLVoJTboVtO3fgRTsXDtpK8re-mHDA72Cc...

EUVD-2025-10869

Malicious code in bioql PyPI...

WordPress WordPress Brute Force Protection – Stop Brute Force Attacks Plugin <= 2.2.6 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Brute Force Protection – Stop Brute Force Attacks Type Plugin Vulnerable versions = 2.2.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10869 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership...

CVE-2019-10869

creationtimestamp| type| source ---|---|--- 2024-02-20 04:27:58+00:00| published-proof-of-concept| Telegram/DjIZ6fWMXmlmEqKmpuFtQwgBJRCjkSBgRANI4QVLWKJ-IYk...

CVE-2016-10869

CVE-2016-10869 affects the WordPress plugin contact-form-plugin up to version 4.0.2 . The vulnerability is an XSS flaw in the plugin (WordPress context), with CVSS v3 base score 6.1 (MEDIUM) and CVSS v2 base score 4.3 (MEDIUM) . Multiple sources (NVD, Red Hat, CNVD, CVE lists, WPVulnDB) corrobora...

WordPress Ninja Forms Plugin Path Traversal (CVE-2019-10869)

A directory traversal vulnerability exists in WordPress Ninja Forms plugin. Successful exploit allows an attacker to traverse the file system to access files and execute code...

CVE-2019-10869

Path Traversal and Unrestricted File Upload exists in the Ninja Forms plugin before 3.0.23 for WordPress when the Uploads add-on is activated. This allows an attacker to traverse the file system to access files and execute code via the includes/fields/upload.php aka upload/submit page name and...

CVE-2019-10869

CVE-2019-10869 affects WordPress Ninja Forms Plugin prior to version 3.0.23 (when the Uploads add-on is activated). It enables path traversal and unrestricted file upload via the uploads handling (includes/fields/upload.php, aka upload/submit page) name and tmp_name parameters, allowing an attack...

CVE-2019-10869

Path Traversal and Unrestricted File Upload exists in the Ninja Forms plugin before 3.0.23 for WordPress when the Uploads add-on is activated. This allows an attacker to traverse the file system to access files and execute code via the includes/fields/upload.php aka upload/submit page name and...

RHEL 7 : redhat-certification (RHSA-2018:2373)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2373 advisory. The redhat-certification package provides partners with a unified web-based user interface to certify their products for use on Red Hat...

Critical: Red Hat Security Advisory: redhat-certification security update

An update for redhat-certification is now available for Red Hat Certification for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2018-10869

The CVE-2018-10869 vulnerability affects redhat-certification and allows a remote attacker to download any file accessible by the web server user via the /download page due to improper access restriction. Red Hat’s RHSA-2018:2373 (and related advisories) document this issue and provide a security...

CVE-2018-10869

It was discovered that redhat-certification does not properly restrict files that can be download through the /download page. A remote attacker may download any file accessible by the user running httpd. Mitigation If SELinux is enabled it further restricts the set of files that can be downloaded...

H2O HTTP Server < 2.2.3 Multiple Vulnerabilities

H2O HTTP Server is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2017-10869

H2O HTTP Server vulnerability CVE-2017-10869 is a stack-based buffer overflow affecting H2O versions 2.2.2 and earlier. The flaw allows remote unauthenticated attackers to cause a denial-of-service via unspecified vectors. Connected sources specify multiple DoS-related CVEs in H2O and indicate th...

JVN#84182676: Multiple vulnerabilities in H2O

H2O is an open source web server software. H2O contains multiple vulnerabilities listed below. A Denial-of-service DoS due to a flaw in processing HTTP/1 header CWE-20 - CVE-2017-10868 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L| Base Score: 5.3 CVSS...

h2o -- DoS in workers

Frederik Deweerdt reports: Multiple Denial-of-Service vulnerabilities exist in h2o workers - see references for full details. CVE-2017-10868: Worker processes may crash when receiving a request with invalid framing. CVE-2017-10869: The stack may overflow when proxying huge requests...

Fedora Update for s3ql FEDORA-2015-10869

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...