CVE-2025-14795

creationtimestamp| type| source ---|---|--- 2026-01-28 15:19:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdil4jww5h26...

CVE-2025-14795

The Stop Spammers Classic plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2026.1. This is due to missing nonce validation in the ssaddtoallowlist class. This makes it possible for unauthenticated attackers to add arbitrary email addresses to...

CVE-2020-14795

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: PIA Core Technology. Supported versions that are affected are 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

Emerson DeltaV DCS Workstations Relative Path Traversal (CVE-2018-14795)

DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable due to improper path validation which may allow an attacker to replace executable files. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 70300 ...

CVE-2020-14795

creationtimestamp| type| source ---|---|--- 2020-10-21 19:04:22+00:00| seen| https://t.me/cibsecurity/15468...

CVE-2020-14795

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: PIA Core Technology. Supported versions that are affected are 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

CVE-2020-14795

CVE-2020-14795 affects Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology (validated on PeopleSoft 8.57 and 8.58). The vulnerability enables unauthenticated remote access via HTTP, with user interaction required, potentially leading to unauthorized access to sensitive data or complete a...

CVE-2019-14795

The toggle-the-title aka Toggle The Title plugin 1.4 for WordPress has XSS via the wp-admin/admin-ajax.php?action=updatetitleoptions isAutoSaveValveChecked or isDisableAllPagesValveChecked parameter...

CVE-2019-14795

The toggle-the-title aka Toggle The Title plugin 1.4 for WordPress has XSS via the wp-admin/admin-ajax.php?action=updatetitleoptions isAutoSaveValveChecked or isDisableAllPagesValveChecked parameter...

CVE-2019-14795

Summary: CVE-2019-14795 affects the WordPress plugin “Toggle The Title” (version 1.4) and enables a stored/ reflected cross-site scripting (XSS) via admin-ajax.php?action=update_title_options with parameters isAutoSaveValveChecked or isDisableAllPagesValveChecked. This vulnerability is documented...

CVE-2019-14795

The toggle-the-title aka Toggle The Title plugin 1.4 for WordPress has XSS via the wp-admin/admin-ajax.php?action=updatetitleoptions isAutoSaveValveChecked or isDisableAllPagesValveChecked parameter...

CVE-2018-14795

DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable due to improper path validation which may allow an attacker to replace executable files...

CVE-2018-14795

DeltaV DCS Workstations (Emerson) are affected by CVE-2018-14795 due to improper path validation (Relative Path Traversal). Affected products are DeltaV versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5. The vulnerability can allow an attacker to replace executable files. Public advisories/records ...

CVE-2017-14795

The hevcwriteframe function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service out-of-bounds read and application crash or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with hlspcmsample in hevc.c in libavcodec in FFmp...

CVE-2017-14795

The CVE-2017-14795 issue affects Libbpg 0.9.7, specifically the hevc_write_frame function in libbpg.c, with a vulnerability in decoding BPG images that can cause an out-of-bounds access. Connected sources describe a heap/write out-of-bounds condition in decoding and indicate potential denial of s...