Investory Toy Planet Trouble App 安全漏洞

Investory Toy Planet Trouble App is an educational adventure game app developed by Investory. Versions of Investory Toy Planet Trouble App prior to 1.5.5 contained a security vulnerability, which was caused by the use of a hardcoded encryption key for the parameter currentkey...

CVE-2026-24809

An issue from the component luaGrunerror in dependencies/lua/src/ldebug.c in praydog/REFramework version before 1.5.5 leads to a heap-buffer overflow when a recursive error occurs...

CVE-2026-24809

An issue from the component luaGrunerror in dependencies/lua/src/ldebug.c in praydog/REFramework version before 1.5.5 leads to a heap-buffer overflow when a recursive error occurs...

CVE-2026-24809 Save stack space while handling errors in praydog/REFramework

An issue from the component luaGrunerror in dependencies/lua/src/ldebug.c in praydog/REFramework version before 1.5.5 leads to a heap-buffer overflow when a recursive error occurs...

PT-2026-1732

Name of the Vulnerable Software and Affected Versions WP Page Permalink Extension versions prior to 1.5.5 Description The WP Page Permalink Extension plugin for WordPress is susceptible to a missing authorization issue. This occurs because of a lack of authorization checks within the cwpp trigger...

Ossur Mobile Logic Application 命令注入漏洞

Ossur Mobile Logic Application is an intelligent application for bionic prosthetics from Ossur. A command injection vulnerability exists in Ossur Mobile Logic Application versions prior to 1.5.5, which stems from the presence of multiple bash files in the application's private directory, which ca...

Ossur Mobile Logic Application 信任管理问题漏洞

Ossur Mobile Logic Application is an intelligent application for bionic prosthetics from Ossur. A trust management issue vulnerability exists in Ossur Mobile Logic Application versions prior to 1.5.5, which stems from hard-coded credentials being included in the application binary, allowing an...

UBUNTU-CVE-2023-5631

Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcubewashtml.php behavior. This could allow a remote attacker to load arbitrary JavaScript code...

WordPress plugin KB Support 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

UBUNTU-CVE-2016-10006

In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input a tag that supports style with active content, you could bypass the library protections and supply executable code. The impact is XSS...