CVE-2025-12056 Out-of-bounds Read in Shelly Pro 3EM

Out-of-bounds Read in Shelly Pro 3EM before v1.4.4 allows Overread Buffers...

CVE-2025-12056 Out-of-bounds Read in Shelly Pro 3EM

Out-of-bounds Read in Shelly Pro 3EM before v1.4.4 allows Overread Buffers...

PT-2025-32377 · Unknown · Openmetadata

Name of the Vulnerable Software and Affected Versions: OpenMetadata versions prior to 1.4.4 Description: OpenMetadata is susceptible to a SQL injection issue. An attacker can extract information from the database through the listCount function within the TestDefinitionDAO interface. The entityTyp...

IXON VPN Client 安全漏洞

IXON VPN Client is an industrial equipment remote secure access solution from IXON, a VPN client optimized for the IXON Cloud platform. A security vulnerability exists in IXON VPN Client versions prior to 1.4.4, which stems from a competitive condition that could lead to local elevation of...

WordPress WooCommerce Product Filter plugin < 1.4.4 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Erwan LR WPScan in WordPress Plugin Themify – WooCommerce Product Filter versions 1.4.4...

WordPress WooCommerce Product Filter plugin < 1.4.4 - Filter Deletion via CSRF vulnerability

Filter Deletion via CSRF vulnerability discovered by Erwan LR WPScan in WordPress Plugin Themify – WooCommerce Product Filter versions 1.4.4...

PT-2024-19508 · WordPress · Themify

Name of the Vulnerable Software and Affected Versions: Themify WordPress plugin versions prior to 1.4.4 Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitised and escaped before being outputted back in the page. This...

WordPress Plugin Assistant Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2023-32335 · WordPress · The Assistant Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: The Assistant WordPress plugin versions prior to 1.4.4 Description: The issue arises from the plugin not validating a parameter before making a request to it via wp remote get, which could allow users with a role as low as Editor to perform...

SUSE CVE-2011-1143

epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted .pcap file...

Typora 跨站脚本漏洞

Typora is a lightweight Markdown editor developed by Abner Lee. A cross-site scripting vulnerability exists in versions prior to Typora 1.4.4, which can be exploited by attackers to launch cross-site scripting attacks...

WordPress plugin Per page add to head 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2021-16102 · WordPress · Per Page Add To Head

Name of the Vulnerable Software and Affected Versions: Per page add to head WordPress plugin versions prior to 1.4.4 Description: The issue is related to the lack of CSRF checks when saving settings, which could allow attackers to make changes to the settings of a logged-in admin. Additionally, t...

Roundcube Webmail Path Traversal Vulnerability

Roundcube Webmail is an open source browser-based IMAP client that supports address book management, message searching, spell checking and more. A security vulnerability exists in the rcubepluginapi.php file in Roundcube Webmail versions prior to 1.4.4. An attacker can exploit this vulnerability ...

Roundcube Webmail Parameter Injection Vulnerability

Roundcube Webmail is an open source browser-based IMAP client that supports address book management, message searching, spell checking and more. A security vulnerability exists in the rcubeimage.php file in Roundcube Webmail versions prior to 1.4.4. An attacker can exploit the vulnerability to...

Roundcube Webmail Cross-Site Request Forgery Vulnerability (CNVD-2020-31750)

Roundcube Webmail is an open source browser-based IMAP client that supports address book management, message searching, spell checking and more. A cross-site request forgery vulnerability exists in Roundcube Webmail versions prior to 1.4.4. The vulnerability stems from a WEB application that does...

PT-2020-3644 · Roundcube +4 · Roundcube Webmail +4

Name of the Vulnerable Software and Affected Versions: Roundcube Webmail versions prior to 1.4.4 Description: The issue is related to a cross-site scripting XSS vulnerability in the rcube washtml.php file of Roundcube Webmail. This vulnerability occurs because JavaScript code can be present in th...

rkhunter Remote Code Execution Vulnerability

rkhunter is a Unix-based scanning tool. The tool is used to scan for rootkits, backdoor programs, and other local vulnerabilities. A security vulnerability exists in versions of rkhunter prior to 1.4.4. A remote attacker can exploit this vulnerability to execute arbitrary code...

UBUNTU-CVE-2017-7480

rkhunter versions before 1.4.4 are vulnerable to file download over insecure channel when doing mirror update resulting into potential remote code execution...

DEBIAN-CVE-2010-2431

The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the 1 /var/cache/cups/remote.cache or 2 /var/cache/cups/job.cache file...