267 matches found
CVE-2025-68084
Missing Authorization vulnerability in Nitesh Ultimate Auction ultimate-auction allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Auction : from n/a through = 4.3.3...
CVE-2025-68084 WordPress Ultimate Auction plugin <= 4.3.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Nitesh Ultimate Auction ultimate-auction allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Auction : from n/a through = 4.3.3...
WordPress plugin Ultimate Auction 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
PT-2025-51413
Name of the Vulnerable Software and Affected Versions Nitesh Ultimate Auction versions through 4.3.2 Description A flaw exists in Nitesh Ultimate Auction that allows the retrieval of embedded sensitive data due to insertion of sensitive information into sent data. Recommendations Update Nitesh...
PT-2025-51463
Missing Authorization vulnerability in Nitesh Ultimate Auction ultimate-auction allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Auction : from n/a through = 4.3.2...
WordPress Ultimate Auction plugin <= 4.3.2 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by daroo in WordPress Plugin Ultimate Auction versions = 4.3.2...
WordPress Ultimate Auction plugin <= 4.3.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by daroo in WordPress Plugin Ultimate Auction versions = 4.3.2...
WonderCMS 跨站脚本漏洞
WonderCMS is an open source PHP-based content management system CMS from WonderCMS, Inc. A cross-site scripting vulnerability exists in WonderCMS version 4.3.2, which stems from the presence of cross-site scripting in the module installation endpoints, which could lead to the injection of malicio...
CVE-2025-49937
Missing Authorization vulnerability in Syed Balkhi Smash Balloon Social Post Feed custom-facebook-feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smash Balloon Social Post Feed: from n/a through = 4.3.2...
CVE-2025-49937
CVE-2025-49937 concerns a Missing Authorization issue (Broken Access Control) in the WordPress plugin Smash Balloon Social Post Feed (custom-facebook-feed). Affected versions are up to and including 4.3.2. The vulnerability arises from incorrectly configured access control security levels, enabli...
PT-2025-43201
Name of the Vulnerable Software and Affected Versions Smash Balloon Social Post Feed versions through 4.3.2 Description An authorization issue exists in Syed Balkhi Smash Balloon Social Post Feed custom-facebook-feed. This allows exploitation of incorrectly configured access control security...
WordPress Smash Balloon Social Post Feed plugin <= 4.3.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Smash Balloon Social Post Feed versions = 4.3.2...
EUVD-2021-15108
Malware in sbrugna...
EUVD-2014-0084
Malware in sbrugna...
EUVD-2023-45397
Malicious code in bioql PyPI...
EUVD-2023-36861
Malicious code in bioql PyPI...
EUVD-2024-1924
Malicious code in bioql PyPI...
EUVD-2023-0078
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-18976
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow in Tcpreplay v4.3.2 allows attackers to cause a Denial of Service via the 'dochecksum' function in 'checksum.c'. It can be triggered by sending ...
Security Bulletin: IBM Transformation Advisor is affected by vulnerability found in Node.js (CVE-2025-7338)
Summary There is a vulnerability in Node.js used by IBM Transformation Advisor, The issues have been addressed in an update. Vulnerability Details CVEID:CVE-2025-7338 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability that is present starting in version...