33 matches found
Teradek Cube security vulnerability
Teradek Cube is a video decoder from Teradek. A security vulnerability exists in Teradek Cube version 7.3.6, which stems from vulnerability to a cross-site request forgery attack that could result in a change of the administrator password...
EUVD-2025-21288
Malicious code in bioql PyPI...
WordPress plugin Titan Anti-spam & Security security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in the...
RHSA-2021:0874 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.6 security update
Bulletin has no description...
RHSA-2021:0872 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.6 security update
Bulletin has no description...
WordPress Titan Anti-spam & Security Plugin <= 7.3.6 is vulnerable to Broken Access Control
Software: Titan Anti-spam & Security; Type: Plugin; Vulnerable versions: <= 7.3.6; Fixed in: 7.3.8; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-38777; Patch priority: Medium; CVSS severity: Medium 6.5; PSID: ff019213e5be; Credits: Joshua Chan...
WordPress Themify Ultra Theme <= 7.3.5 is vulnerable to Broken Access Control
Software: Themify Ultra; Type: Theme; Vulnerable versions: <= 7.3.5; Fixed in: 7.3.6; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-46146; Patch priority: High; CVSS severity: High 8.3; PSID: dba7a9d87836; Credits: Rafie Muhammad (Patchstack)...
WordPress Themify Ultra Theme <= 7.3.5 is vulnerable to Arbitrary File Upload
Software: Themify Ultra; Type: Theme; Vulnerable versions: <= 7.3.5; Fixed in: 7.3.6; OWASP Top 10: A1: Injection; Classification: Arbitrary File Upload; CVE: CVE-2023-46149; Patch priority: High; CVSS severity: High 9.9; PSID: 04def42b7ff1; Credits: Rafie Muhammad (Patchstack); Required privile...
Liferay Portal and Liferay DXP SQL injection vulnerability
Liferay Portal and Liferay DXP are both products of Liferay Inc. Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP ...
WordPress Quiz And Survey Master plugin <= 7.3.6 - Multiple Insecure direct object references (IDOR) vulnerabilities
Multiple insecure direct object reference (IDOR) vulnerabilities were discovered by Vlad Vector (Patchstack) in WordPress Quiz And Survey Master plugin versions <= 7.3.6. Solution: Update the WordPress Quiz And Survey Master plugin to the latest available version (at least 7.3.7)...
DEBIAN-CVE-2022-3140
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice links using that scheme could be constructed to call internal...
KLA20006 RCE vulnerability in LibreOffice
A remote code execution vulnerability was found in LibreOffice. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories: Macro URL arbitrary script execution. Related products: LibreOffice. CVE list: CVE-2022-3140 (high). Solution: Update to the latest version. Download...
PT-2022-10707 · Liferay · Liferay Dxp +1
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.3.2 through 7.3.6; Liferay DXP 7.3 before fix pack 2. Description: A cross-site scripting (XSS) issue exists in the Blogs module's edit blog entry page, allowing remote attackers to inject arbitrary web script or HTML vi...
PT-2022-10705 · Liferay · Liferay Portal
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.3.4 through 7.3.6. Description: A cross-site scripting (XSS) issue exists in the Asset module, allowing remote attackers to inject arbitrary web script or HTML when creating a collection page. This is achieved via the c...
RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.3.6 (RHSA-2021:0872)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0872 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.6 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.3.6 security update
A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
PHP 'new COM()' Denial of Service Vulnerability
Description: PHP is prone to a denial-of-service vulnerability. Successful exploits may allow the attacker to crash the affected application, resulting in a denial-of-service condition. Versions prior to PHP 7.4.0 are vulnerable. Technologies Affected: PHP 7.3.0, PHP 7.3.1, PHP 7.3.2, PHP...
PHP 'unserialize()' Stack Buffer Overflow Vulnerability
Description: PHP is prone to a remote stack-based buffer overflow because it fails to adequately bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to cause a denial-of-service condition. Due to the nature of this issue, code...
CVE-2019-5498
OnCommand Insight versions through 7.3.6 may disclose sensitive account information to an authenticated user...