55 matches found
CVE-2026-7563
The CVE-2026-7563 entry concerns the WordPress plugin Classified Listing – AI-Powered Classified ads & Business Directory (versions up to and including 5.3.10). The vulnerability arises from missing authorization verification, enabling authenticated users with subscriber-level access or higher to...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004086)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004086 advisory. The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004064)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004064 advisory. In the Linux kernel 5.3.10, there is a use-after-free read in the perf_trace_lock_acquire function related to include/trace/events/lock.h. Tenable has extracted the...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004343)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004343 advisory. In the Linux kernel 5.3.10, there is a use-after-free read in the perf_trace_lock_acquire function related to include/trace/events/lock.h. Tenable has extracted the...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000267)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000267 advisory. A memory leak in the unittest_data_add function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service memory...
EUVD-2019-9369
Malware in sbrugna...
EUVD-2012-0857
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-22096
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the...
WordPress plugin Modal Window Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2024-26133 · WordPress · Modal Window
Name of the Vulnerable Software and Affected Versions: The Modal Window WordPress plugin versions prior to 5.3.10. Description: The issue is related to the lack of a CSRF check when bulk deleting modals, which could allow attackers to make a logged-in admin delete them via a CSRF attack...
SUSE CVE-2012-0831
PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and...
springframework: malicious input leads to insertion of additional log entries
In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries...
Moderate: Red Hat Security Advisory: Openshift Logging Bug Fix and security update Release (5.3.10)
Openshift Logging Bug Fix Release 5.3.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...
LimeSurvey <= 5.3.10 XSS Vulnerability
LimeSurvey is prone to a cross-site scripting (XSS) vulnerability.
CVE-2022-1155
Old sessions are not blocked by the login enable function in GitHub repository snipe/snipe-it prior to 5.3.10...
Code injection
Old sessions are not blocked by the login enable function in GitHub repository snipe/snipe-it prior to 5.3.10...
PT-2022-13266 · Snipe-It · Snipe-It
Name of the Vulnerable Software and Affected Versions: snipe/snipe-it versions prior to 5.3.9; snipe/snipe-it versions prior to 5.3.10. Description: The issue concerns exposure of sensitive information to an unauthorized actor. Recommendations: For versions prior to 5.3.9, update to version 5.3.9 o...
WordPress 5.8 < 5.8.2 / 5.7 < 5.7.4 / 5.6 < 5.6.6 / 5.5 < 5.5.7 / 5.4 < 5.4.8 / 5.3 < 5.3.10 / 5.2 < 5.2.13
WordPress versions 5.8 < 5.8.2 / 5.7 < 5.7.4 / 5.6 < 5.6.6 / 5.5 < 5.5.7 / 5.4 < 5.4.8 / 5.3 < 5.3.10 / 5.2 < 5.2.13 are affected by one or more vulnerabilities. The descriptive text and package checks in this plugin were extracted from WordPress Security...
DEBIAN-CVE-2021-22096
In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries...
UBUNTU-CVE-2021-22096
In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries...