
79 matches found

GithubExploit
added 2026/05/18 12:59 a.m. · 40 views

Exploit for Improper Input Validation in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

🚀 Automated Log4Shell CVE-2021-44228 Play & Plug Lab An aut...

CVSS 10 · AI score 7.4 · EPSS 0.94358
Exploits: 341

Positive Technologies
added 2026/04/29 12:0 a.m. · 2 views

PT-2026-35900

Server-Side Request Forgery (SSRF) vulnerability in ILLID Share This Image share-this-image allows Server Side Request Forgery. This issue affects Share This Image: from n/a through <= 2.14...

CVSS 5.4 · AI score 5.1 · EPSS 0.00038
Exploits: 0 · References: 1

Positive Technologies
added 2025/12/13 12:0 a.m. · 4 views

PT-2025-51054

The Login Lockdown & Protection plugin for WordPress is vulnerable to IP Block Bypass in all versions up to, and including, 2.14. This is due to $unblock key key being insufficiently random allowing unauthenticated users, with access to an administrative user email, to generate valid unblock keys...

CVSS 5.3 · AI score 6 · EPSS 0.00142
Exploits: 0 · References: 3

CVE
added 2025/12/02 2:22 p.m. · 8 views

CVE-2025-13505

Datateam Datactive contains a Stored XSS vulnerability due to improper neutralization of user input during web page generation and script-related HTML tags. Affected versions are 2.13.34 up to, but not including, 2.14.0.6. The issue allows attackers to inject and execute malicious scripts in page...

CVSS 6.1 · AI score 5.8 · EPSS 0.00029
Exploits: 0 · References: 2 · Affected Software: 1

CNNVD
added 2025/10/27 12:0 a.m. · 3 views

OpenVPN Access Server security vulnerability

OpenVPN Access Server is a web-based VPN management interface from OpenVPN, Inc. A security vulnerability exists in OpenVPN Access Server versions 2.14.0 through 2.14.3, which stems from the RelayState parameter in the SAML Authentication module not being filtered correctly, which could lead to...

CVSS 6.4 · AI score 5.9 · EPSS 0.00038
Exploits: 0 · References: 1

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2017-2751

Malware in sbrugna...

CVSS 5.5 · AI score 5.3 · EPSS 0.00402
Exploits: 0 · References: 5

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2002-0801

Malware in sbrugna...

CVSS 7.5 · AI score 6.4 · EPSS 0.00409
Exploits: 0 · References: 7

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2025-9833

Malicious code in bioql PyPI...

CVSS 6.5 · AI score 7.3 · EPSS 0.00883
Exploits: 0 · References: 2

OpenVAS
added 2025/08/12 12:0 a.m. · 2 views

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2025-1981)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.5 · AI score 7.5 · EPSS 0.00045
Exploits: 2 · References: 2

CNNVD
added 2025/04/08 12:0 a.m. · 2 views

libxml2 security vulnerability

libxml2 is a GNOME open source library for parsing XML documents. It is written in C and can be called by many languages, such as C, C++, and XSH. A security vulnerability exists in libxml2 versions prior to 2.13.8 and 2.14.x through 2.14.2, which stems from an out-of-bounds memory access due to ...

CVSS 7.5 · AI score 6.7 · EPSS 0.00034
Exploits: 1 · References: 2

RedhatCVE
added 2025/04/06 5:29 p.m. · 12 views

CVE-2025-32188

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ILLID Advanced Woo Labels advanced-woo-labels allows Stored XSS. This issue affects Advanced Woo Labels: from n/a through <= 2.15...

CVSS 6.5 · AI score 7.2 · EPSS 0.00883
Exploits: 0 · References: 1

Tenable Nessus
added 2025/03/04 12:0 a.m. · 8 views

Linux Distros Unpatched Vulnerability : CVE-2012-0864

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the...

CVSS 6.8 · AI score 7.5 · EPSS 0.03036
Exploits: 5 · References: 2

RedHat Linux
added 2025/02/24 12:8 a.m. · 3 views

log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value

A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint...

CVSS 10 · AI score 7.7 · EPSS 0.94358
Exploits: 341 · References: 9

Vulnrichment
added 2025/01/16 8:6 p.m. · 7 views

CVE-2025-23547 WordPress LH Login Page plugin <= 2.14 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shawfactor LH Login Page lh-login-page allows Reflected XSS. This issue affects LH Login Page: from n/a through <= 2.14...

CVSS 7.1 · AI score 8.6 · EPSS 0.00346
Exploits: 0 · References: 1

Github Security Blog
added 2024/07/18 3:22 p.m. · 13 views

The OpenSearch reporting plugin improperly controls tenancy access to reporting resources

Summary An issue in the OpenSearch reporting plugin allows unintended access to private tenant resources like notebooks. The system did not properly check if the user was the resource author when accessing resources in a private tenant, leading to potential data being revealed. Impact The lack of...

CVSS 5.4 · AI score 7.1 · EPSS 0.002
Exploits: 0 · References: 5 · Affected Software: 1

NVD
added 2024/07/09 10:15 p.m. · 11 views

CVE-2024-39900

OpenSearch Dashboards Reports allows ‘Report Owner’ export and share reports from OpenSearch Dashboards. An issue in the OpenSearch reporting plugin allows unintended access to private tenant resources like notebooks. The system did not properly check if the user was the resource author when...

CVSS 5.4 · EPSS 0.002
Exploits: 0 · References: 3

Vulnrichment
added 2024/07/09 9:17 p.m. · 12 views

CVE-2024-39900 OpenSearch Dashboards Reports does not properly restrict access to private tenant resources

OpenSearch Dashboards Reports allows ‘Report Owner’ export and share reports from OpenSearch Dashboards. An issue in the OpenSearch reporting plugin allows unintended access to private tenant resources like notebooks. The system did not properly check if the user was the resource author when...

CVSS 5.4 · AI score 6.8 · EPSS 0.002
Exploits: 0 · References: 3

Cvelist
added 2024/07/09 9:17 p.m. · 20 views

CVE-2024-39900 OpenSearch Dashboards Reports does not properly restrict access to private tenant resources

OpenSearch Dashboards Reports allows ‘Report Owner’ export and share reports from OpenSearch Dashboards. An issue in the OpenSearch reporting plugin allows unintended access to private tenant resources like notebooks. The system did not properly check if the user was the resource author when...

CVSS 5.4 · EPSS 0.002
Exploits: 0 · References: 3

Cvelist
added 2024/07/09 9:14 p.m. · 14 views

CVE-2024-39901 OpenSearch Observability does not properly restrict access to private tenant resources

OpenSearch Observability is a collection of plugins and applications that visualize data-driven events. An issue in the OpenSearch observability plugins allows unintended access to private tenant resources like notebooks. The system did not properly check if the user was the resource author when...

CVSS 4.2 · EPSS 0.00237
Exploits: 0 · References: 3

Positive Technologies
added 2024/07/09 12:0 a.m. · 4 views

PT-2024-28718 · Unknown +1 · Opensearch +1

Name of the Vulnerable Software and Affected Versions: OpenSearch versions prior to 2.14 Description: An issue in the OpenSearch reporting plugin allows unintended access to private tenant resources like notebooks. The system did not properly check if the user was the resource author when accessi...

CVSS 5.4 · AI score 7 · EPSS 0.00237
Exploits: 0 · References: 11