513 matches found
CVE-2025-67934
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Wellspring wellspring allows PHP Local File Inclusion.This issue affects Wellspring: from n/a through 2.8...
RHSA-2026:0250 Red Hat Security Advisory: gimp:2.8 security update
Bulletin has no description...
CVE-2025-67934
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Wellspring wellspring allows PHP Local File Inclusion.This issue affects Wellspring: from n/a through 2.8...
CVE-2025-67934
CVE-2025-67934 affects Wellspring (WellSpring WordPress Theme by Mikado-Themes) prior to 2.8, enabling unauthenticated Local File Inclusion via improper handling of PHP include/require filename. Wordfence notes the Wellspring
PT-2026-1909
Name of the Vulnerable Software and Affected Versions Mikado-Themes Wellspring versions prior to 2.8 Description The software contains an Improper Control of Filename for Include/Require Statement issue, also known as a PHP Local File Inclusion. This allows for the inclusion of local files. The...
RHSA-2026:0027 Red Hat Security Advisory: gimp:2.8 security update
Bulletin has no description...
RHSA-2025:23857 Red Hat Security Advisory: gimp:2.8 security update
Bulletin has no description...
CVE-2025-49300
CVE-2025-49300 affects WordPress plugin Traveler Option Tree (shinetheme) up to version 2.8. The vulnerability arises from insertion of sensitive information into data that is sent, enabling retrieval of embedded sensitive data from the custom-option-tree component. Affected versions are through ...
PT-2025-51378
Name of the Vulnerable Software and Affected Versions shinetheme Traveler Option Tree versions through 2.8 Description A flaw exists in shinetheme Traveler Option Tree that allows the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. The issue is...
RHSA-2025:22417 Red Hat Security Advisory: gimp:2.8 security update
Bulletin has no description...
CVE-2025-13588
The CVE-2025-13588 affects lKinderBueno Streamity Xtream IPTV Player up to version 2.8. The vulnerable element is an unknown function in public/proxy.php, leading to server-side request forgery (SSRF) that can be triggered remotely. Public exploitation exists, with CVSS-derived notes indicating n...
vLLM deserialization vulnerability leading to DoS and potential RCE
Summary A memory corruption vulnerability that leading to a crash denial-of-service and potentially remote code execution RCE exists in vLLM versions 0.10.2 and later, in the Completions API endpoint. When processing user-supplied prompt embeddings, the endpoint loads serialized tensors using...
GHSA-MRW7-HF4F-83PF vLLM deserialization vulnerability leading to DoS and potential RCE
Summary A memory corruption vulnerability that leading to a crash denial-of-service and potentially remote code execution RCE exists in vLLM versions 0.10.2 and later, in the Completions API endpoint. When processing user-supplied prompt embeddings, the endpoint loads serialized tensors using...
CVE-2025-60234
Deserialization of Untrusted Data vulnerability in designthemes Single Property single-property allows Object Injection.This issue affects Single Property: from n/a through = 2.8...
CVE-2025-60234
Deserialization of Untrusted Data vulnerability in designthemes Single Property single-property allows Object Injection.This issue affects Single Property: from n/a through = 2.8...
WordPress Search & Go Theme <= 2.7 is vulnerable to Privilege Escalation
Software Search & Go Type Theme Vulnerable versions = 2.7 Fixed in 2.8 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2025-11522 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 0f681595092d Credits khanhhnahk1...
EUVD-2018-1907
Malware in sbrugna...
EUVD-2008-6395
Malware in sbrugna...
EUVD-2001-0095
Malware in sbrugna...
EUVD-2012-0869
Malware in sbrugna...