CVE-2025-67999

Technical details for CVE-2025-67999 are not provided in the supplied documents. Monitor for updates; the materials do not specify affected product versions, impact, or remediation.

CVE-2025-67999 WordPress Newsletter plugin <= 9.0.9 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Stefano Lissa Newsletter newsletter allows Blind SQL Injection.This issue affects Newsletter: from n/a through = 9.0.9...

PT-2025-12767 · WordPress · Teachpress

Name of the Vulnerable Software and Affected Versions: teachPress plugin for WordPress versions up to, and including, 9.0.9 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the "import.php" page. This allows unauthenticated attackers ...

CVE-2024-29945

In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process. This exposure happens when either Splunk Enterprise runs in debug mode or the JsonWebToken component has been configured to log its activity at...

CVE-2024-29946 Risky command safeguards bypass in Dashboard Examples Hub

In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub lacks protections for risky SPL commands. This could let attackers bypass SPL safeguards for risky commands in the Hub. The vulnerability would require the attacker to phish the victim by tricking them into...

CVE-2024-29946

CVE-2024-29946 affects Splunk Enterprise versions older than 9.2.1, 9.1.4, and 9.0.9. The Dashboard Examples Hub lacks protections for risky SPL commands, potentially allowing bypass of safeguards. The attack requires phishing the victim into initiating a browser request. Remediation per connecte...

PT-2024-2533 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.2.1 Splunk Enterprise versions prior to 9.1.4 Splunk Enterprise versions prior to 9.0.9 Description: The issue is related to the lack of protections for risky SPL commands in the Dashboard Examples Hub...

CentOS 9 : grafana-9.0.9-2.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the grafana-9.0.9-2.el9 build changelog. - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by...

Grafana 8.5.0 < 8.5.13, 9.0.0 < 9.0.9, 9.1.0 < 9.1.6 Privilege Escalation Vulnerability (GHSA-p978-56hq-r492)

Grafana is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:grafana:grafana"; if...

PT-2022-23151

Name of the Vulnerable Software and Affected Versions Grafana versions prior to 8.5.13 Grafana versions prior to 9.0.9 Grafana versions prior to 9.1.6 Description The issue is related to Improper Preservation of Permissions, resulting in privilege escalation on some folders where Admin is the onl...

Drupal 7.x, 8.x, 9.x RCE Vulnerability (SA-CORE-2020-013) - Windows

Drupal is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal";...

CVE-2020-2034 — PAN-OS: OS command injection vulnerability in GlobalProtect portal

An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based attacker to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue can not be exploited if...

Tails 4.5 - Live System to Preserve Your Privacy and Anonymity

The Tails team is happy to publish Tails 4.5, the first version of Tails to support Secure Boot. This release also fixes many security vulnerabilities. You should upgrade as soon as possible. New features Secure Boot Tails now starts on computers with Secure Boot enabled. If your Mac displays the...

Apache Tomcat 'Hostname Verification' Security Bypass Vulnerability - Windows

Apache Tomcat is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:tomcat";...

Apache Tomcat Security Restriction Bypass Vulnerability (CNVD-2018-15543)

Tomcat server is a free and open source web application server that is a lightweight application server. A security bypass vulnerability exists in Apache Tomcat versions 7.0.25 through 7.0.88, 8.5.0 through 8.5.31, and 9.0.0.M1 and 9.0.9. A remote attacker could use this vulnerability to bypass...

Apache Tomcat CVE-2018-8037 Information Disclosure Vulnerability

Description Apache Tomcat is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Apache Tomcat 8.5.5 through 8.5.31 and 9.0.0.M9 through 9.0.9 are vulnerable. Technologies Affected Apache Tomcat 8.5.11...

PT-2018-2982 · Apache +7 · Apache Tomcat +7

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 7.0.35 through 7.0.88 Apache Tomcat versions 8.0.0.RC1 through 8.0.52 Apache Tomcat versions 8.5.0 through 8.5.31 Apache Tomcat versions 9.0.0.M1 through 9.0.9 Description: The issue is related to the host name...

databases/postgresql*-server -- multiple vulnerabilities

The PostgreSQL Global Development Group reports: The PostgreSQL Global Development Group today released security updates for all active branches of the PostgreSQL database system, including versions 9.1.5, 9.0.9, 8.4.13 and 8.3.20. This update patches security holes associated with libxml2 and...