10 matches found
CVE-2026-24013
Authentication Bypass by Spoofing vulnerability in Apache IoTDB. Certain Thrift RPC query handlers lack strict validation of the sessionId parameter. An attacker can construct requests with a forged sessionId and, without performing openSession authentication, receive valid query results. This...
Astra Linux – Vulnerability in libqb
In logblackbox.c in libqb before version 2.0.8, a buffer overflow can occur due to the use of long log messages, as the size of the log headers is not taken into consideration...
CVE-2025-10227
Missing Encryption of Sensitive Data CWE-311 in the Object Archive component in AxxonSoft Axxon One C-Werk before 2.0.8 on Windows and Linux allows a local attacker with access to exported storage or stolen physical drives to extract sensitive archive data in plaintext via lack of encryption at...
CVE-2025-10227
Missing Encryption of Sensitive Data CWE-311 in the Object Archive component in AxxonSoft Axxon One C-Werk before 2.0.8 on Windows and Linux allows a local attacker with access to exported storage or stolen physical drives to extract sensitive archive data in plaintext via lack of encryption at...
WordPress plugin Products, Order & Customers Export for WooCommerce Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...
CVE-2023-5799
The WP Hotel Booking WordPress plugin before 2.0.8 does not have proper authorisation when deleting a package, allowing Contributor and above roles to delete posts that do no belong to them...
UBUNTU-CVE-2023-39976
logblackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered...
WordPress plugin Optimize images ALT Text & names for SEO using AI 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Optimize...
CVE-2022-0147
The Cookie Information | Free GDPR Consent Solution WordPress plugin before 2.0.8 does not escape user data before outputting it back in attributes in the admin dashboard, leading to a Reflected Cross-Site Scripting issue...
CVE-2019-15898
Nagios Log Server before 2.0.8 allows Reflected XSS via the username on the Login page...