Fantastic ElasticSearch Plugin <= 4.1.0 - Cross-Site Scripting

Fantastic ElasticSearch WordPress plugin = 4.1.0 contains a reflected cross-site scripting caused by unsanitized parameter output, letting attackers execute malicious scripts in the context of high privilege users, exploit requires victim to visit a malicious link. id: CVE-2024-13221 info: name:...

CVE-2025-11669

Zohocorp ManageEngine PAM360 versions before 8202; Password Manager Pro versions before 13221; Access Manager Plus versions prior to 4401 are vulnerable to an authorization issue in the initiate remote session functionality...

ZOHO多款产品 安全漏洞

ZOHO Password Manager Pro PMP and so on are products of ZOHO USA company.ZOHO Password Manager Pro is a password manager.ZOHO ManageEngine Access Manager Plus is the ZOHO ManageEngine PAM360 is a complete PAM software. A security vulnerability exists in several ZOHO products, which stems from an...

CVE-2024-13221

The Fantastic ElasticSearch WordPress plugin through 4.1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

openSUSE Security Advisory (openSUSE-SU-2025:0039-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : stb (openSUSE-SU-2025:0039-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:0039-1 advisory. Addressing the follow security issues boo1216478: CVE-2019-13217: heap buffer overflow in startdecoder CVE-2019-13218: stack buffer overflow in...

CVE-2024-13221

The Fantastic ElasticSearch WordPress plugin through 4.1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-13221 Fantastic Elasticsearch <= 4.1.0 - Reflected XSS

The Fantastic ElasticSearch WordPress plugin through 4.1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

SUSE CVE-2019-13221

A stack buffer overflow in the computecodewords function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file...

CVE-2020-13221

...

CVE-2020-13221

CVE-2020-13221 is rejected/not used; this CVE ID does not represent an active vulnerability entry.

CVE-2019-13221

A stack buffer overflow in the computecodewords function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file...

CVE-2019-13221

CVE-2019-13221 affects the stb_vorbis component (stb) in the compute_codewords() path. Multiple connected advisories (e.g., openSUSE-SU-2025:0039-1 and OSV-OPENSUSE-SU-2025:0039-1) describe a stack/buffer overflow in that area and list it among the fixes for stb via updated libstb packages. The v...

CVE-2018-13221

The CVE-2018-13221 entry concerns Extreme Token (Extreme Coin XT) on Ethereum, where the sell function of the ExtremeToken contract suffers an integer overflow in the calculation amount * sellPrice, which can evaluate to zero and thereby reduce a seller’s assets. The affected component is the sma...

CVE-2017-13221

An elevation of privilege vulnerability in the Upstream kernel wifi driver. Product: Android. Versions: Android kernel. Android ID: A-64709938...

CVE-2017-13221

CVE-2017-13221 is an Elevation of Privilege (EoP) vulnerability affecting the Upstream kernel WiFi driver in Android devices (Android kernel). The connected documents consistently describe a local vulnerability that could allow a non-privileged attacker to escalate privileges via the kernel WiFi ...