CVE-2025-15267

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's btbbaccordionitem shortcode in all versions up to, and including, 5.5.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress plugin Bold Page Builder 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001517)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001517 advisory. A race condition in the Linux kernel before 5.5.7 involving VTRESIZEX could lead to a NULL pointer dereference and general protection fault. Tenable has extracted th...

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI versions prior to 5.5.7, which stems from an overprivileged MRTG...

EUVD-2023-12644

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2017-12942

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function. CVE-2017-12942 Note that Nessus relies on the presence of the package as...

CVE-2023-0606

Cross-site Scripting XSS - Reflected in GitHub repository ampache/ampache prior to 5.5.7...

CVE-2024-57726

SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privileges technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role...

PT-2024-30461 · WordPress · Wp Data Access

Name of the Vulnerable Software and Affected Versions: WP Data Access versions through 5.5.7 Description: A Cross-Site Request Forgery CSRF issue affects the WP Data Access plugin, allowing potential attacks. Upgrade to a newer version to protect against this issue. Recommendations: For versions...

(RHSA-2023:0633) Moderate: Red Hat OpenShift (Logging Subsystem) security update

Logging Subsystem 5.5.7 - Red Hat OpenShift...

CVE-2023-0771

SQL Injection in GitHub repository ampache/ampache prior to 5.5.7,develop...

Sql injection

SQL Injection in GitHub repository ampache/ampache prior to 5.5.7,develop...

UBUNTU-CVE-2023-0771

SQL Injection in GitHub repository ampache/ampache prior to 5.5.7,develop...

PT-2023-16517 · Ampache · Ampache

Name of the Vulnerable Software and Affected Versions: ampache/ampache versions prior to 5.5.7 Description: The issue is related to SQL Injection in the GitHub repository ampache/ampache. Recommendations: For versions prior to 5.5.7, update to version 5.5.7 or later to resolve the issue...

CVE-2023-0771

CVE-2023-0771 affects the Ampache project (ampache/ampache) prior to version 5.5.7. The issue is a SQL Injection in the web application, arising from the underlying code as described across multiple sources, with impact stated as high for confidentiality, integrity, and availability. The document...

CVE-2023-0771 SQL Injection in ampache/ampache

SQL Injection in GitHub repository ampache/ampache prior to 5.5.7,develop...

Ampache Cross-Site Scripting Vulnerability (CNVD-2023-07918)

Ampache is a web-based audio/video application and file manager. cross-site scripting vulnerability exists in versions prior to Ampache 5.5.7, which stems from the fact that a user can insert malicious js in url-specific parameters and send links to other users, leading to a cross-site scripting...

CVE-2023-0606 Cross-site Scripting (XSS) - Reflected in ampache/ampache

Cross-site Scripting XSS - Reflected in GitHub repository ampache/ampache prior to 5.5.7...

Security Bulletin: Enterprise Content Management System Monitor is affected by a vulnerability in Java SE related to the JSSE component

Summary Vulnerability found in Java SE related to the JSSE component used by Enterprise Content Management System Monitor. Enterprise Content Management System Monitor has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2021-35603 DESCRIPTION: An unspecified vulnerability in Java SE...

WordPress miniOrange's Google Authenticator plugin <= 5.5.7 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by WPScanTeam in WordPress miniOrange's Google Authenticator plugin versions = 5.5.7. Solution Update the WordPress miniOrange's Google Authenticator plugin to the latest available version at least 5.5.75...