157 matches found
WordPress plugin Omnipress has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Prowess WordPress plugin has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
WordPress plugin Hobo has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress plugin Indoor Plants has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress Plugin Listivo Core has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress plugin Gyan Elements has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress plugin Prider has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
CVE-2026-20925
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-0532 External Control of File Name or Path and Server-Side Request Forgery (SSRF) in Kibana Google Gemini Connector
External Control of File Name or Path CWE-73 combined with Server-Side Request Forgery CWE-918 can allow an attacker to cause arbitrary file disclosure through a specially crafted credentials JSON payload in the Google Gemini connector configuration. This requires an attacker to have authenticate...
CVE-2026-20925
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-20872
CVE-2026-20872 affects Windows NTLM: external control of a file name or path allows an attacker to spoof authentication over the network. The description states this vulnerability and related references indicate a Windows NTLM spoofing risk. The connected Nessus/NCSC/EUVD/NVD entries confirm the ...
CVE-2026-20925
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...
PT-2026-2717
CVE-2026-20872 External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. https://t.co/cZpV895UgI...
CVE-2025-66003 Local users can perform a local root exploit via smb4k mounthelper
An External Control of File Name or Path vulnerability in smb4k allowsl ocal users to perform a local root exploit via smb4k mounthelper if they can access and control the contents of a Samba shareThis issue affects smb4k: from ? before 4.0.5...
WordPress plugin GlamChic 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
Zoom Rooms < 6.6.0 Vulnerability (ZSB-25051)
The version of Zoom Rooms installed on the remote host is prior to 6.6.0. It is, therefore, affected by a vulnerability as referenced in the ZSB-25051 advisory. - External control of file name or path in Zoom Rooms for macOS before version 6.6.0 may allow an authenticated user to conduct a...
CVE-2025-67461
External control of file name or path in Zoom Rooms for macOS before version 6.6.0 may allow an authenticated user to conduct a disclosure of information via local access...
CVE-2025-67461 Zoom Rooms for macOS - External Control of File Name or Path
External control of file name or path in Zoom Rooms for macOS before version 6.6.0 may allow an authenticated user to conduct a disclosure of information via local access...
Zoom Rooms for macOS 安全漏洞
Zoom Rooms for macOS is a conference room software from Zoom USA. A security vulnerability exists in Zoom Rooms for macOS prior to version 6.6.0, which originates from an external control over file names or paths, and could cause an authenticated user to disclose information via local access...
CVE-2025-64739
External control of file name or path in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via network access...