WordPress plugin WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

EUVD-2026-9985

LangBot is a global IM bot platform designed for LLMs. Prior to version 4.8.7, LangBot’s web UI renders user-supplied raw HTML using rehypeRaw, which can lead to a cross-site scripting XSS vulnerability. This issue has been patched in version 4.8.7...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002914)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002914 advisory. security/keys/bigkey.c in the Linux kernel before 4.8.7 mishandles unsuccessful crypto registration in conjunction with successful key-type registration, which allow...

Mercury MR816v2 安全漏洞

The Mercury MR816v2 is an access control device from Mercury China. A security vulnerability exists in Mercury MR816v2 081C3114 version 4.8.7 Build 110427 Rel 36550n, which originates from stored cross-site scripting and could lead to the disclosure of an administrator's session and the execution...

EUVD-2025-30547

Malicious code in bioql PyPI...

PT-2025-38939

Name of the Vulnerable Software and Affected Versions Syed Balkhi All In One SEO Pack versions through 4.8.7 Description An authorization issue exists in Syed Balkhi All In One SEO Pack, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update All...

WordPress plugin All In One SEO Pack 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in pdfjs-dist

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of pdfjs-dist Vulnerability Details CVEID:CVE-2024-4367 DESCRIPTION: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This...

CVE-2025-0365 Jupiterx Core <= 4.8.7 - Authenticated (Contributor+) Arbitrary File Read

The Jupiter X Core plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.8.7 via the inline SVG feature. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary files on the server,...

WordPress plugin Jupiter X Core 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security...

WordPress Jupiterx Core plugin <= 4.8.7 - Authenticated (Contributor+) Arbitrary File Read vulnerability

Authenticated Contributor+ Arbitrary File Read vulnerability discovered by stealthcopter in WordPress Plugin JupiterX Core versions = 4.8.7...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security weakness in Certifi python-certifi [CVE-2024-39689]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security weakness in Certifi python-certifi, caused by the use of GLOBALTRUST root certificate CVE-2024-39689. Certifi python-certifi is used by our Speech Service runtimes. This vulnerabilitiy has been...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in zipp [CVE-2024-5569]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in zipp, caused by an infinite loop flaw in the Path module CVE-2024-5569. Zipp is used by our Speech Service runtimes. This vulnerabilitiy has been addressed. Please read the details for...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an arbitrary code execution in pypa/setuptools [CVE-2024-6345]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an arbitrary code execution in pypa/setuptools , caused by an error in the packageindex module. CVE-2024-6345. pypa/setuptools is used by our Speech Service runtimes. This vulnerabilitiy has been addressed...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in setuptools

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of setuptools Vulnerability Details CVEID:CVE-2024-6345 DESCRIPTION: pypa/setuptools could allow a remote attacker to execute arbitrary code on the system, caused by an error in the packageindex module. By...

OPENSUSE-SU-2024:0114-1 Security update for pdns-recursor

This update for pdns-recursor fixes the following issues: - update to 4.8.8: fixes a case when a crafted responses can lead to a denial of service in Recursor if recursive forwarding is configured boo1223262, CVE-2024-25583 - changes in 4.8.7: If serving stale, wipe CNAME records from cache when ...

PT-2024-15120 · WordPress · Ean For Woocommerce

Name of the Vulnerable Software and Affected Versions: EAN for WooCommerce plugin for WordPress versions up to, and including, 4.8.7 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'alg wc ean product meta' shortcode due to insufficient input sanitization and...

[SECURITY] [DLA 3539-1] qt4-x11 security update

Debian LTS Advisory DLA-3539-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez August 22, 2023 https://wiki.debian.org/LTS Package : qt4-x11 Version : 4:4.8.7+dfsg-18+deb10u2 CVE ID : CVE-2021-3481 CVE-2021-45930 CVE-2023-32573 CVE-2023-32763 CVE-2023-34410...

SUSE CVE-2015-1858

Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service segmentation fault and crash and possibly execute arbitrary code via a crafted BMP image...

WSO2 carbon-registry vulnerable to Cross-site Scripting

A vulnerability classified as problematic has been found in WSO2 carbon-registry before 4.8.7. This affects an unknown part of the component Request Parameter Handler. The manipulation of the argument parentPath/path/username/path/profilemenu leads to cross site scripting. It is possible to...