PT-2026-32669

Name of the Vulnerable Software and Affected Versions Fortinet FortiAnalyzer Cloud versions 7.6.2 through 7.6.4 FortiManager Cloud versions 7.6.2 through 7.6.4 Description A heap-based buffer overflow allows a remote unauthenticated attacker to execute arbitrary code or commands by sending...

Fortinet FortiManager Cloud和Fortinet FortiAnalyzer Cloud 安全漏洞

Fortinet FortiManager Cloud and Fortinet FortiAnalyzer Cloud are products of Fortinet, a US-based company. Fortinet FortiManager Cloud is a cloud-based network management software. Fortinet FortiAnalyzer Cloud is a cloud-based logging platform based on FortiAnalyzer. There are security...

Exploit for Relative Path Traversal in Fortinet Fortiweb

CVE-2025-64446 - FortiWeb Authentication Bypass Exploit De...

EUVD-2025-4975

Malicious code in bioql PyPI...

EUVD-2024-42384

Malicious code in bioql PyPI...

EUVD-2025-12767

Malicious code in bioql PyPI...

CVE-2025-53609

A Relative Path Traversal vulnerability CWE-23 in FortiWeb 7.6.0 through 7.6.4, 7.4.0 through 7.4.8, 7.2.0 through 7.2.11, 7.0.2 through 7.0.11 may allow an authenticated attacker to perform an arbitrary file read on the underlying system via crafted requests...

CVE-2024-5961

Improper neutralization of input during web page generation vulnerability in 2ClickPortal software allows reflected cross-site scripting XSS. An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects 2ClickPortal software...

CVE-2023-2982

The WordPress Social Login and Register Discord, Google, Twitter, LinkedIn plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 7.6.4. This is due to insufficient encryption on the user being supplied during a login validated through the plugin. This makes...

CVE-2025-46619

CVE-2025-46619 affects Couchbase Server: versions prior to 7.6.4 are vulnerable; Windows specifically affected up to 7.2.7. The issue could allow unauthorized access to sensitive files (e.g., /etc/passwd, /etc/shadow) depending on privilege level. Fixed in v7.6.4 for general use and in v7.2.7 for...

CVE-2025-46619

A security issue has been discovered in Couchbase Server before 7.6.4 and fixed in v.7.6.4 and v.7.2.7 for Windows that could allow unauthorized access to sensitive files. Depending on the level of privileges, this vulnerability may grant access to files such as /etc/passwd or /etc/shadow...

LibreOffice Code Execution Vulnerability (Nov 2024) - Windows

LibreOffice is prone to a code execution vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:libreoffice:libreoffice";...

LibreOffice Code Execution Vulnerability (Nov 2024) - Linux

LibreOffice is prone to a code execution vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:libreoffice:libreoffice";...

PT-2024-32563 · Unknown · Yellowpencil Visual Css Style Editor

Name of the Vulnerable Software and Affected Versions: YellowPencil Visual CSS Style Editor versions n/a through 7.6.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS attacks. A...

RHSA-2023:3884 Red Hat Security Advisory: Red Hat Single Sign-On 7.6.4 security update on RHEL 8

Bulletin has no description...

CVE-2024-5961

Improper neutralization of input during web page generation vulnerability in 2ClickPortal software allows reflected cross-site scripting XSS. An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects 2ClickPortal software...

CVE-2024-5961 Reflected XSS in 2ClickPortal

Improper neutralization of input during web page generation vulnerability in 2ClickPortal software allows reflected cross-site scripting XSS. An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects 2ClickPortal software...

WordPress wpDiscuz Plugin <= 7.6.3 is vulnerable to Insecure Direct Object References (IDOR)

Software wpDiscuz Type Plugin Vulnerable versions = 7.6.3 Fixed in 7.6.4 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-46311 Patch priority Low CVSS severity Low 2.7 Developer Claim ownership PSID 05932cb617e2 Credits Revan Arifio Requir...

Authentication flaw

The WordPress Social Login and Register Discord, Google, Twitter, LinkedIn plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 7.6.4. This is due to insufficient encryption on the user being supplied during a login validated through the plugin. This makes...

WordPress plugin Social Login and Register 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A security vulnerability exists in WordPres...