6 matches found
EUVD-2025-32603
Versions of the package pdfmake before 0.3.0-beta.17 are vulnerable to Allocation of Resources Without Limits or Throttling via a repeatedly redirecting URL in file embedding. An attacker can cause the application to crash or become unresponsive by providing crafted input that triggers this condition...
WordPress plugin WP Headmaster Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripti...
PT-2024-28484 · WordPress · Recaptcha Jetpack Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: reCAPTCHA Jetpack WordPress plugin versions prior to 0.3. Description: The issue concerns a lack of CSRF check when updating settings, potentially allowing attackers to manipulate a logged-in admin into changing them via a CSRF attack...
PT-2022-10288 · Atune · Atune
Name of the Vulnerable Software and Affected Versions: atune versions prior to 0.3-0.8. Description: The issue allows an attacker to escalate local privileges or modify any file by accessing the local atune URL interface. This can be achieved by logging in as a local user and running a curl comman...
Tor Protection Selection Algorithm Vulnerability
Tor is free software that enables anonymous communication. A vulnerability in the guard selection algorithm exists in Tor 0.3.0.9 prior to version 0.3.x. A remote attacker could exploit this vulnerability to compromise the intended anonymity properties...
PYSEC-2015-13
CRLF injection vulnerability in Kallithea before 0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the camefrom parameter to admin/login...