21 matches found

Cvelist
added 2026/01/22 4:52 p.m. · 17 views

CVE-2025-69098 WordPress Hide My WP plugin <= 6.2.12 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpWave Hide My WP hidemywp allows Reflected XSS. This issue affects Hide My WP: from n/a through <= 6.2.12...

CVSS 7.1 · EPSS 0.00064
Exploits 0 · References 1
OpenVAS
added 2025/10/24 12:00 a.m. · 1 views

VMware Spring Framework < 5.3.46, 6.0.x < 6.1.24, 6.2.x < 6.2.12 CSRF Vulnerability - Windows

The VMware Spring Framework is prone to a STOMP cross-site request forgery CSRF vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 4.3 · AI score 7 · EPSS 0.00062
Exploits 0 · References 2
Metasploit
added 2024/12/03 6:58 p.m. · 370 views

Fortinet FortiManager Unauthenticated RCE

This module exploits a missing authentication vulnerability affecting FortiManager and FortiManager Cloud devices to achieve unauthenticated RCE with root privileges. The vulnerable FortiManager versions are: 7.6.0; 7.4.0 through 7.4.4; 7.2.0 through 7.2.7; 7.0.0 through 7.0.12; 6.4.0 through 6.4.14...

CVSS 9.8 · AI score 9.8 · EPSS 0.93874
Exploits 7
OSV
added 2024/08/22 7:41 p.m. · 16 views

BIT-VALKEY-2023-28856 `HINCRBYFLOAT` can be used to crash a redis-server process

Redis is an open source, in-memory database that persists on disk. Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised ...

CVSS 6.5 · AI score 6.2 · EPSS 0.00327
Exploits 0 · References 9
Positive Technologies
added 2024/07/01 12:00 a.m. · 2 views

PT-2024-37345 · Sowa Opac · Sowa Opac

Name of the Vulnerable Software and Affected Versions: SOWA OPAC versions 4.0 through 4.9.10; SOWA OPAC versions 5.0 through 6.2.12. Description: The issue allows for Reflected Cross-Site Scripting (XSS) due to improper neutralization of input during web page generation. An attacker could trick a use...

CVSS 6.1 · AI score 6.2 · EPSS 0.02095
Exploits 0 · References 3
Cvelist
added 2024/03/27 12:00 a.m. · 21 views

CVE-2024-25580

An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file...

AI score 9.6 · EPSS 0.00068
Exploits 0 · References 1
Positive Technologies
added 2023/12/30 12:00 a.m. · 2 views

PT-2023-32927 · Unknown · Muyun Dedebiz

Name of the Vulnerable Software and Affected Versions: Muyun DedeBIZ versions up to 6.2.12 Description: A critical issue was found in the component Add Attachment Handler, allowing for unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public. The vend...

CVSS 7.2 · AI score 6.8 · EPSS 0.00085
Exploits 1 · References 7
CNVD
added 2023/07/19 12:00 a.m. · 22 views

Linux kernel fbcon.c file out-of-bounds read vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. An out-of-bounds read vulnerability exists in versions of Linux kernel prior to 6.2.12, which stems from assigning only the first vc in set_con2fb_map in...

CVSS 5.5 · AI score 6.4 · EPSS 0.00006
Exploits 0 · References 1
UbuntuCve
added 2023/07/17 10:15 p.m. · 30 views

CVE-2023-38409

An issue was discovered in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbcon_registered_fb and fbcon_display arrays can be desynchronized in fbcon_mode_deleted (the con2fb_map points at the old fb_info...

CVSS 5.5 · AI score 6.7 · EPSS 0.00006
Exploits 0 · References 3
CBLMariner
added 2023/05/25 9:38 a.m. · 16 views

CVE-2023-28856 affecting package redis for versions less than 6.2.12-1

CVE-2023-28856 affecting package redis for versions less than 6.2.12-1. An upgraded version of the package is available that resolves this issue...

CVSS 6.5 · AI score 6.9 · EPSS 0.00327
Exploits 0
Tenable Nessus
added 2023/05/10 12:00 a.m. · 35 views

SUSE SLES15 / openSUSE 15 Security Update : redis (SUSE-SU-2023:2122-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2122-1 advisory. - Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands like SCA...

CVSS 6.5 · AI score 6.8 · EPSS 0.60647
Exploits 0 · References 10
Fedora
added 2023/04/25 1:54 a.m. · 26 views

[SECURITY] Fedora 38 Update: kernel-6.2.12-300.fc38

The kernel meta package...

CVSS 4.7 · AI score 6.1 · EPSS 0.00011
Exploits 0
NVD
added 2023/04/18 9:15 p.m. · 13 views

CVE-2023-28856

Redis is an open source, in-memory database that persists on disk. Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised ...

CVSS 6.5 · AI score 6.9 · EPSS 0.00327
Exploits 0 · References 8
OSV
added 2023/04/18 9:15 p.m. · 0 views

AZL-26290 CVE-2023-28856 affecting package redis for versions less than 6.2.12-1

Redis is an open source, in-memory database that persists on disk. Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised ...

CVSS 6.5 · AI score 6.1 · EPSS 0.00327
Exploits 0 · References 1
Positive Technologies
added 2023/04/18 12:00 a.m. · 2 views

PT-2023-3517

Name of the Vulnerable Software and Affected Versions: Redis versions prior to 6.0.19; Redis versions prior to 6.2.12; Redis versions prior to 7.0.11. Description: The issue is related to insufficient input validation in the Redis database management system. Exploitation of this issue can allow a...

CVSS 9.8 · AI score 6.9 · EPSS 0.88997
Exploits 11 · References 187
Prion
added 2021/09/18 4:15 p.m. · 14 views

Design/Logic Flaw

Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations...

CVSS 7.5 · AI score 9.4 · EPSS 0.00397
Exploits 0 · References 4 · Affected Software 1
OpenVAS
added 2017/01/24 12:00 a.m. · 48 views

Splunk Enterprise HTTP Request Injection Vulnerability (SP-CAAAPSR)

Splunk Enterprise is prone to a HTTP request injection vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS 10 · AI score 9.6 · EPSS 0.01373
Exploits 0 · References 1
OpenVAS
added 2016/12/15 12:00 a.m. · 81 views

Splunk Enterprise Multiple Vulnerabilities (SP-CAAAPSR)

Splunk Enterprise is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:splunk:splunk"; if...

CVSS 10 · AI score 8.9 · EPSS 0.45123
Exploits 7 · References 1
OpenVAS
added 2016/12/15 12:00 a.m. · 20 views

Splunk Enterprise SSRF Vulnerability (SP-CAAAPSR)

Splunk Enterprise is prone to a server-side request forgery SSRF vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

AI score 7.2
Exploits 0 · References 1
0day.today
added 2012/03/10 12:00 a.m. · 15 views

PHP Address Book 6.2.12 Multiple vulnerabilities

Exploit for php platform in category web applications Advisory: PHP Address Book 6.2.12 Multiple security vulnerabilities Author: Stefan Schurtz Affected Software: Successfully tested on PHP Address Book 6.2.12 Vendor URL: http://sourceforge.net/projects/php-addressbook/ Vendor Status: informed...

AI score 7.1
Exploits 0