13 matches found
WordPress FOX – Currency Switcher Professional for WooCommerce plugin <= 1.4.5 - Missing Authorization to Authenticated (Contributor+) Configuration Deletion vulnerability
Missing Authorization to Authenticated (Contributor+) Configuration Deletion vulnerability discovered by Ren Voza in WordPress Plugin FOX versions <= 1.4.5...
EUVD-2018-9317
Malware in sbrugna...
EUVD-2025-12695
Malicious code in bioql PyPI...
CVE-2025-24349
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to delete the configuration of physical network interfaces via a crafted HTTP request...
CVE-2025-24349
CVE-2025-24349 affects the web application of ctrlX OS under the Network Interfaces feature. A remote authenticated (low-privilege) attacker can delete the configuration of physical network interfaces by sending a crafted HTTP request. The vulnerability is evidenced across multiple sources (NVD, ...
CVE-2025-24349
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to delete the configuration of physical network interfaces via a crafted HTTP request...
CVE-2025-24349
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to delete the configuration of physical network interfaces via a crafted HTTP request...
PT-2025-18263 · Ctrlx Os · Ctrlx Os
Name of the Vulnerable Software and Affected Versions: ctrlX OS (affected versions not specified). Description: A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to delete the configuration of physical...
Elber Wayber Analog/Digital Audio STL 4.00 - Device Config Disclosure
Elber Wayber Analog/Digital Audio STL 4.00 Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: Version 3.0.0 Revision 1553 Firmware Ver. 4.00 Rev. 1501 Version 3.0.0 Revision 1542 Firmware Ver. 4.00 Rev. 1516 Version 3.0.0 Revision 1530 Firmware Ver. 4.00...
PT-2022-4029 · Jenkins · Jenkins Job Configuration History Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Job Configuration History Plugin versions 1155.v28a_46a_cc06a_5 and earlier. Description: The issue is related to a cross-site request forgery (CSRF) vulnerability. This vulnerability can be exploited by a remote attacker to perform a CS...
Denial Of Service (DoS)
github.com/go-gitea/gitea is vulnerable to denial of service (DoS) attacks. A malicious user is able to crash the system by deleting the configuration file...
TP-Link TL-SG2005 and TP-Link TL-SG2008 input validation error vulnerability
TP-Link TL-SG2005 and TP-Link TL-SG2008 are both switches from TP-Link. A security vulnerability exists in TP-Link TL-SG2005 and TL-SG2008. The vulnerability originates from version 1.0.0 of TL-SG2005 and TL-SG2008, which is affected by an array indexing error, whereby the interfaces that...
Rockwell Automation FactoryTalk Services Platform
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: FactoryTalk Services Vulnerability: Use of Password Hash with Insufficient Computational Effort 2. RISK EVALUATION Successful exploitation of this vulnerability...