513 matches found
WordPress Kitring Theme <= 2.8 is vulnerable to Local File Inclusion
Software Kitring Type Theme Vulnerable versions = 2.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-49426 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 373cf39af191 Credits Bonds Required privilege Unauthenticated Published 20...
Linux Distros Unpatched Vulnerability : CVE-2019-14858
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argumentspec with sub parameters marked as nolog...
CVE-2025-31428
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BuddhaThemes HYDRO hydro allows Reflected XSS.This issue affects HYDRO: from n/a through = 2.8...
WordPress plugin HYDRO 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...
RHSA-2025:9308 Red Hat Security Advisory: gimp:2.8 security update
Bulletin has no description...
Important: Red Hat Security Advisory: gimp:2.8 security update
An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this...
RHSA-2025:9165 Red Hat Security Advisory: gimp:2.8 security update
Bulletin has no description...
CVE-2025-32284
Deserialization of Untrusted Data vulnerability in designthemes Pet World petsworld allows Object Injection.This issue affects Pet World: from n/a through = 2.8...
CVE-2025-32293
Deserialization of Untrusted Data vulnerability in designthemes Finance Consultant finance allows Object Injection.This issue affects Finance Consultant: from n/a through = 2.8...
CVE-2025-32284
CVE-2025-32284 affects designthemes Pet World
CVE-2024-54731
cpdf through 2.8 allows stack consumption via a crafted PDF document...
CVE-2024-50809
The theme.php file in SDCMS 2.8 has a command execution vulnerability that allows for the execution of system commands...
CVE-2022-41241
Jenkins RQM Plugin 2.8 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2020-11841
Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting unauthorized information disclosure...
Rancher 安全漏洞
Rancher is an open source container management platform open-sourced by Rancher in the United States, built for organizations that deploy containers in production environments. A security vulnerability exists in Rancher versions 2.7.0 through 2.7.16 prior, 2.8.0 through 2.8.9 prior, and 2.9.0...
PT-2025-22639 · Opensuse · Gsl
These are all security issues fixed in the gsl-2.8-4.1 package on the GA media of openSUSE Tumbleweed...
Amazon Linux 2 : freetype (ALAS-2025-2806)
The version of freetype installed on the remote host is prior to 2.8-14. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2806 advisory. FreeType 2.8.1 has a signed integer overflow in cf2doFlex in cff/cf2intrp.c. CVE-2025-23022 An out of bounds write exists ...
PT-2025-14372 · Rancher · Rancher
Name of the Vulnerable Software and Affected Versions: Rancher versions 2.8.0 through 2.8.13 Rancher versions 2.9.0 through 2.9.7 Rancher versions 2.10.0 through 2.10.3 Description: A vulnerability in SUSE Rancher allows a Restricted Administrator to change the password of Administrators and take...
CVE-2025-1515
CVE-2025-1515 affects the WordPress plugin WP Real Estate Manager (versions up to and including 2.8). The root cause is insufficient identity verification in the LinkedIn login flow , enabling an unauthenticated attacker to perform an authentication bypass and log in as any user, including admini...
CVE-2024-55272
An issue in Brainasoft Braina v2.8 allows a remote attacker to obtain sensitive information via the chat window function...