CVE-2025-14999

The Latest Tabs plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the settings update handler in admin-page.php. This makes it possible for unauthenticated attackers to modify plugin...

CVE-2025-14999

creationtimestamp| type| source ---|---|--- 2026-01-07 09:53:04+00:00| seen| https://gist.github.com/Darkcrai86/e9f5a885740d9b62bb1dedce7f4b5fd3...

CVE-2020-14999

A logic bug in system monitoring driver of Acronis Agent after 12.5.21540 and before 12.5.23094 allowed to bypass Windows memory protection and access sensitive data...

CVE-2020-14999

creationtimestamp| type| source ---|---|--- 2021-07-30 18:15:35+00:00| seen| https://t.me/cibsecurity/26607...

CVE-2020-14999

CVE-2020-14999 affects Acronis Agent’s system monitoring driver, where a logic bug allowed bypassing Windows memory protection and accessing sensitive data. Publicly documented affected range is 12.5.21540 through 12.5.23093; a fix appears in 12.5.23094. The issue is described across multiple sou...

CVE-2019-14999

The CVE-2019-14999 vulnerability affects the Atlassian Universal Plugin Manager (UPM) REST uninstall endpoint used by Jira. Versions affected are UPM prior to 2.22.19, 3.0.x prior to 3.0.3, and 4.0.x prior to 4.0.3. The flaw allows an authenticated administrator to be CSRF-triggered to uninstall ...

CVE-2018-14999

The CVE-2018-14999 entry describes a vulnerability in the Leagoo P1 where a pre-installed platform app com.wtk.factory contains an exported broadcast receiver (MMITestReceiver) that lets any co-located app trigger a factory reset without permissions. This could wipe all user data and apps on the ...