Improper Control of Interaction Frequency

Overview org.apache.cassandra:cassandra-all is a maven plugin for the Apache Cassandra Project. Which, develops a highly scalable second-generation distributed database, bringing together Dynamo's fully distributed design and Bigtable's ColumnFamily-based data model. Affected versions of this...

CVE-2026-32588

The CVE affects Apache Cassandra (versions 4.0, 4.1, 5.0). A vulnerability in the Cassandra Query Language (CQL) path allows an authenticated user to repeatedly change passwords (ALTER ROLE) and trigger expensive authentication-table reads/writes, causing increased query latency and potential Den...

CVE-2021-41830

It is possible for an attacker to manipulate signed documents and macros to appear to come from a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25633 for the LibreOffice advisory...

EUVD-2025-200289

Singluarity ineffectively applies selinux / apparmor LSM process labels...

EUVD-2019-17083

Malware in sbrugna...

EUVD-2025-30545

Malicious code in bioql PyPI...

EUVD-2025-30529

Malicious code in bioql PyPI...

CVE-2025-58672

Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through = 4.1.12...

CVE-2025-58673

Improper Control of Generation of Code 'Code Injection' vulnerability in weDevs WP User Frontend wp-user-frontend allows Code Injection.This issue affects WP User Frontend: from n/a through = 4.1.12...

CVE-2025-58672

CVE-2025-58672 is a Missing Authorization vulnerability in WP User Frontend. The connected Wordfence entry confirms an Authenticated (Subscriber+) Arbitrary Shortcode Execution in WP User Frontend

CVE-2025-58673 WordPress WP User Frontend Plugin <= 4.1.12 - Content Injection Vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in weDevs WP User Frontend wp-user-frontend allows Code Injection.This issue affects WP User Frontend: from n/a through = 4.1.12...

CVE-2025-58673

CVE-2025-58673 corresponds to a vulnerability in WP User Frontend where an authenticated (Subscriber+) attacker can perform Arbitrary Shortcode Execution through the plugin’s shortcode handling. The Wordfence vulnerability listing confirms the affected software as WP User Frontend (

CVE-2025-58673 WordPress WP User Frontend Plugin <= 4.1.12 - Content Injection Vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in weDevs WP User Frontend wp-user-frontend allows Code Injection.This issue affects WP User Frontend: from n/a through = 4.1.12...

CVE-2021-41832

It is possible for an attacker to manipulate documents to appear to be signed by a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25635 for the LibreOffice advisory...

CVE-2021-24359

The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.11 did not properly check that a user requesting a password reset was the legitimate user, allowing an attacker to send an arbitrary reset password email to a registered user on behalf of the WordPress site. Such issue could b...

WordPress plugin MultiLoca - WooCommerce Multi Locations Inventory Management SQL注入漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin MultiLoca - WooCommerce Multi Locations Inventory Management A SQL...

RHSA-2019:2504 Red Hat Security Advisory: OpenShift Container Platform 4.1.11 openshift security update

Bulletin has no description...

RHBA-2018:1219 Red Hat Bug Fix Advisory: Red Hat Virtualization Manager (ovirt-engine) 4.1.11

Bulletin has no description...

LimeSurvey Zip Path Traversals

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LimeSurvey Zip Path Traversals', 'Description' = %q This module exploits an authenticated path traversal vulnerability found in LimeSurvey versio...

BIT-LIMESURVEY-2020-22607

Cross Site Scripting vulnerabilty in LimeSurvey 4.1.11+200316 via the 1 name and 2 description parameters in application/controllers/admin/PermissiontemplatesController.php...