1396 matches found
WordPress plugin amr cron manager 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. There is a...
lily 资源管理错误漏洞
Lily is a programming language developed by FascinatedBox’s individual developers. Versions of Lily prior to 2.3 contained a resource management vulnerability, which stems from the reuse of resources after release, potentially leading to local memory corruption...
Security Bulletin: Arbitrary Code Execution in Logback-Core via Conditional Configuration Processing, affects watsonx.data
Summary QOS.CH logback-core up to and including version 1.5.18 is vulnerable to arbitrary code execution due to unsafe conditional configuration file processing. An attacker with existing privileges can exploit this by modifying an existing Logback configuration file or injecting a malicious...
CVE-2026-24413
Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the %ProgramData%\icinga2\var folder on Windows. This resulted in the its contents - including the private key of the...
CVE-2020-36960
Forma LMS 2.3 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts into user profile first and last name fields. Attackers can craft scripts like '' to execute arbitrary JavaScript when the profile is viewed by other users...
CVE-2025-49045 WordPress Super Interactive Maps plugin <= 2.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Interactive Maps super-interactive-maps allows Reflected XSS.This issue affects Super Interactive Maps: from n/a through = 2.3...
WordPress plugin super-interactive-maps has a cross-site scripting vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. Versions of...
CVE-2026-22708
Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via...
CVE-2026-22708 Cursor has a Terminal Tool Allowlist Bypass via Environment Variables
Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via...
CVE-2023-4754
Out-of-bounds Write in GitHub repository gpac/gpac prior to 2.3-DEV...
CVE-2023-4679
A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gffilterpacketdel function in filtercore/filter.c at line 38. This vulnerability can lead to a double-free condition, which may cause the application to crash...
CVE-2023-4778
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV...
CVE-2023-4681
NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3-DEV...
CVE-2023-4755
Use After Free in GitHub repository gpac/gpac prior to 2.3-DEV...
CVE-2023-4720
Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV...
CVE-2024-39688
Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the datadir variable is concatenated with other folders and used to open a new file in the generateconfig function, which leads to a limited file write. The issue allows for writing /config/config.json file in arbitra...
CVE-2019-7872
An insecure direct object reference IDOR vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 due to insufficient authorizations checks. This can be abused by a user with admin privileges to add users to company accounts or modify existing us...
PT-2026-1535
Name of the Vulnerable Software and Affected Versions versions prior to 2.3 Description A memory corruption issue exists when handling sensor utility operations. The issue could potentially affect a large number of devices worldwide, though a specific number is not provided. The vulnerability lie...
PT-2026-1531
Name of the Vulnerable Software and Affected Versions versions prior to 2.3 Description A memory corruption issue exists when performing sensor register read operations. The issue could potentially allow for unexpected behavior or compromise of the system. Recommendations At the moment, there is ...
PT-2025-53714
Name of the Vulnerable Software and Affected Versions GreenCMS versions prior to 2.3 Description A flaw exists in GreenCMS up to version 2.3 within the File Handler component, specifically in the /DataController.class.php file. Manipulation of the sqlFiles/zipFiles argument can lead to path...