15 matches found
PT-2025-49901
Name of the Vulnerable Software and Affected Versions: Opal WP ekommart versions prior to 4.3.1 Description: A flaw exists in Opal WP ekommart that allows for PHP Local File Inclusion due to improper control of filename for include/require statements. This issue impacts the software’s handling of...
CVE-2025-41452
Post-authenticated external control of system web interface configuration setting vulnerability in Danfoss AK-SM8xxA Series prior to 4.3.1, which could allow for a denial of service attack induced by improper handling of exceptional conditions...
CVE-2025-41452 Post auth nginx configuration injection in Danfoss AK-SM8xxA Series
Post-authenticated external control of system web interface configuration setting vulnerability in Danfoss AK-SM8xxA Series prior to 4.3.1, which could allow for a denial of service attack induced by improper handling of exceptional conditions...
CVE-2025-41451
CVE-2025-41451 affects Danfoss AK-SM8xxA Series prior to version 4.3.1. Root cause: improper neutralization of alarm-to-mail configuration fields in an OS shell command, enabling post-authenticated remote code execution on the attacked system. Impact: remote code execution with high severity; att...
WordPress SULly plugin < 4.3.1 - Plugin Reset via CSRF vulnerability
Plugin Reset via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin SULly versions 4.3.1...
CVE-2024-6179
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before 4.3.1...
PT-2023-11617 · Unknown · Sogo Web Mail
Name of the Vulnerable Software and Affected Versions: SOGo Web Mail versions prior to 4.3.1 Description: The issue allows attackers to obtain sensitive user information when a user reads an email containing malicious code. This is due to a Cross-Site Scripting (XSS) vulnerability. Recommendations:...
Amazon Linux 2 : qemu (ALAS-2020-1570)
The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1570 advisory. A use-after-free issue was found in the SLiRP networking implementation of the QEMU emulator. The issue occurs in ipreass...
Intel Open WebRTC Toolkit Elevation of Privilege Vulnerability
Intel Open WebRTC Toolkit, from the U.S. company Intel, is an open source, cross-platform WebRTC client framework based on GStreamer: a development toolkit for end-to-end audio/video communication. The toolkit is used to create high-performance, reliable and scalable real-time...
PT-2020-15021 · Powerdns +4 · Powerdns Authoritative Server +4
Name of the Vulnerable Software and Affected Versions: PowerDNS Authoritative Server versions prior to 4.3.1 Description: An issue has been found where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory...
UBUNTU-CVE-2019-8331
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute...
CVE-2018-17922
In Circontrol CirCarLife, all versions prior to 4.3.1, the PAP credentials of the device are stored in clear text in a log file that is accessible without authentication...
CVE-2018-4237
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "libxpc" component. It allows attackers to gain privileges via a crafted app that leverages a...
CVE-2015-7989
Cross-site scripting (XSS) vulnerability in the user list table in WordPress before 4.3.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted e-mail address, a different vulnerability than CVE-2015-5714...
CVE-2011-1716
Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in Xymon before 4.3.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...