14 matches found
CVE-2026-57627
CVE-2026-57627 describes a Server-Side Request Forgery (SSRF) in the WordPress Kirki plugin, versions
CVE-2025-67569
Missing Authorization vulnerability in scriptsbundle AdForest adforest allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AdForest: from n/a through <= 6.0.11...
WordPress AdForest theme <= 6.0.11 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme AdForest versions <= 6.0.11...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414342)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414342 advisory. An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the...
EUVD-2022-6616
Malicious code in bioql PyPI...
An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.
...
CVE-2022-47518
An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management...
[SECURITY] Fedora 37 Update: kernel-6.0.11-300.fc37
The kernel meta package...
PT-2024-11875 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.0.11. Description: The issue is related to a memory leak caused by the afs_put_server function in the Linux kernel. Specifically, atomic_read was accidentally replaced with atomic_inc_return, which prevents...
PT-2022-6044 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.0.11 Description: An issue in the Linux kernel's WILC1000 wireless driver is related to a heap-based buffer overflow. This occurs due to missing validation of the number of channels when copying the list of...
Snipe-IT Cross-Site Scripting Vulnerability
Snipe-IT is an open source IT asset/license management system. A cross-site scripting vulnerability exists in Snipe-IT versions prior to v6.0.11, which originates from a user with Super Administrator privileges being able to implement cross-site scripting via a Markdown Input field...
PT-2022-4504 · Snipe-It · Snipe-It
Name of the Vulnerable Software and Affected Versions: snipe-it versions prior to 6.0.11. Description: The issue is related to a Cross-site Scripting (XSS) - Stored vulnerability. It exists due to inadequate protection of the web page structure, allowing a remote attacker to conduct an inter-site...
CVE-2020-2502
This cross-site scripting vulnerability in Photo Station allows remote attackers to inject malicious code. QNAP has already fixed this vulnerability in the following versions of Photo Station: Photo Station 6.0.11 and later...
OTRS 4.x < 4.0.32, 5.x < 5.0.30, 6.x < 6.0.11 Multiple Vulnerabilities
OTRS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:otrs:otrs"; if description...