Lexmark 安全漏洞

Lexmark is a family of printers from Lexmark, Inc. in the United States. A security vulnerability exists in Lexmark that stems from the presence of a combined path traversal and concurrent execution vulnerability that could allow an attacker to execute arbitrary code and/or modify the contents of...

Azure Linux 3.0 Security Update: kernel (CVE-2024-47701)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47701 advisory. - In the Linux kernel, the following vulnerability has been resolved: ext4: avoid OOB when system.data xattr...

The vulnerabilities of the components of the Oracle Java SE software platform, including Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition, allow attackers to gain unauthorized access to protected information and to modify, add, or delete data.

The vulnerabilities of the Oracle Java SE software platform’s components, as well as the Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines, are related to deficiencies in the authentication mechanism. Exploiting these vulnerabilities can allow an attacker to gain...

WordPress plugin Single-user-chat 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2025-21507

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseO...

PT-2025-1969 · WordPress · Adforest

Name of the Vulnerable Software and Affected Versions: AdForest theme for WordPress versions up to and including 5.1.7 Description: The issue concerns unauthorized modification of data due to a missing capability check on several AJAX actions, such as the sb remove ad action. This allows...

WordPress plugin Maintenance & Coming Soon Redirect Animation 访问控制错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. An access control error vulnerability exists i...

Directus 信息泄露漏洞

Directus is a real-time Api and application dashboard open-sourced by Directus. It is used to manage Sql database content. An information disclosure vulnerability exists in Directus version 11.0.0 and versions prior to 11.3.0, which stems from a setting of WEBSOCKETSGRAPHQLAUTH or...

WordPress plugin SMS for Lead Capture Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

CVE-2024-9872

The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcitasaveuserdatacallback function in all versions up to, and including, 4.5.1. This makes it possible for authenticated...

WordPress plugin SV100 Companion 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Accessibility by AllAccessible 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress plugin IdeaPush 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Image Optimizer, Resizer and CDN – Sirv 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-10907 · Unknown · Socifi Guest Wifi

Name of the Vulnerable Software and Affected Versions: Socifi Guest wifi as SAAS affected versions not specified Description: The issue concerns a Cross Site Request Forgery CSRF vulnerability via the Socifi wifi portal. The application lacks a CSRF token and request validation, allowing an...

Medium: java-17-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12...

The vulnerability of the Item Catalog component of the Oracle Product Hub data management software in the Oracle E-Business Suite system, which allows a malicious individual to access, modify, add, or delete data.

The vulnerability of the Item Catalog component in the Oracle Data Management Software, part of the Oracle Product Hub system, which is used in the Oracle E-Business Suite for enterprise automation, is related to deficiencies in the authentication process. Exploiting this vulnerability could allo...

JDK: Array indexing integer overflow (8328544)

Vulnerability in Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Service Contracts versions 12.2...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management, and other functions. A security vulnerability exists in Oracle Work in Process versions 12.2....