6720 matches found
CVE-2025-12089
The Data Tables Generator by Supsystic plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the cleanCache function in all versions up to, and including, 1.10.45. This makes it possible for authenticated attackers, with Administrator-level acce...
CVE-2025-12089 Data Tables Generator by Supsystic <= 1.10.45 - Authenticated (Admin+) Arbitrary File Deletion
The Data Tables Generator by Supsystic plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the cleanCache function in all versions up to, and including, 1.10.45. This makes it possible for authenticated attackers, with Administrator-level acce...
CVE-2025-12089 Data Tables Generator by Supsystic <= 1.10.45 - Authenticated (Admin+) Arbitrary File Deletion
The Data Tables Generator by Supsystic plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the cleanCache function in all versions up to, and including, 1.10.45. This makes it possible for authenticated attackers, with Administrator-level acce...
CVE-2025-12089
The CVE-2025-12089 affects the WordPress plugin Data Tables Generator by Supsystic. Affected: plugin versions up to 1.10.45. Cause: insufficent file path validation in the cleanCache() function, enabling authenticated administrators to perform arbitrary file deletions on the server (e.g., wp-conf...
EUVD-2025-150411
The Data Tables Generator by Supsystic plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the cleanCache function in all versions up to, and including, 1.10.45. This makes it possible for authenticated attackers, with Administrator-level acce...
MAL-2025-189114 Malicious code in redshift-nebula-cz-conventional-changelog-fornax (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf33e7a660e7f12a243bf4ae70b1401a0f4b66ec86a8c2aa5e877f46d3750826 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187767 Malicious code in levels-event-bionics-nodejs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3bdee777e410b3fc1869f19ba81326e968afb704dace7f49fb14bc7f0397e233 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
SUSE CVE-2025-40127
In the Linux kernel, the following vulnerability has been resolved: hwrng: ks-sa - fix division by zero in kssarnginit Fix division by zero in kssarnginit caused by missing clock pointer initialization. The clkgetrate call is performed on an uninitialized clk pointer, resulting in division by zer...
PT-2025-46777
Name of the Vulnerable Software and Affected Versions Data Tables Generator by Supsystic plugin for WordPress versions through 1.10.45 Description The Data Tables Generator by Supsystic plugin for WordPress has a flaw that allows authenticated attackers with Administrator-level access or higher t...
Siemens SIMATIC S7-1500 Insufficient Entropy (CVE-2019-15847)
The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single...
ROS-20251113-06
The BIND DNS server vulnerability is related to a pseudo-random number generator PRNG vulnerability. Exploitation exploitation of the vulnerability could allow a remote attacker to compromise the integrity of data in the DNS system A vulnerability in the BIND DNS server is related to the loading ...
WordPress plugin Data Tables Generator by Supsystic 路径遍历漏洞
WordPress Data Tables Generator by Supsystic plugin is WordPress plugin for creating interactive tables and charts that support data visualization and dynamic content presentation. WordPress Data Tables Generator by Supsystic plugin has an arbitrary file deletion vulnerability that stems from...
WordPress Data Tables Generator by Supsystic plugin <= 1.10.45 - Authenticated (Admin+) Arbitrary File Deletion vulnerability
Authenticated Admin+ Arbitrary File Deletion vulnerability discovered by Naoya Takahashi nakko in WordPress Plugin Data Tables Generator by Supsystic versions = 1.10.45...
Malicious code in gociay-unga-fugiufcagiaga (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fad9d9361497b4323311ac1d1771cb0def3393b7053afebaad76e413f927f053 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
PYSEC-2025-112
DuckDB is a SQL database management system. DuckDB implemented block-based encryption of DB on the filesystem starting with DuckDB 1.4.0. There are a few issues related to this implementation. The DuckDB can fall back to an insecure random number generator pcg32 to generate cryptographic keys or...
CVE-2025-64429
DuckDB 1.4.0–pre-1.4.2 encryption implementation is vulnerable due to multiple cryptographic weaknesses: insecure RNG (pcg32 fallback), possible memory wipe omission (memset) leaving secrets, and header manipulation could downgrade from GCM to CTR, bypassing integrity. There may also be unhandled...
EUVD-2025-150399
DuckDB is a SQL database management system. DuckDB implemented block-based encryption of DB on the filesystem starting with DuckDB 1.4.0. There are a few issues related to this implementation. The DuckDB can fall back to an insecure random number generator pcg32 to generate cryptographic keys or...
CVE-2025-64429 DuckDB Encryption Crypto implementation is vulnerable
DuckDB is a SQL database management system. DuckDB implemented block-based encryption of DB on the filesystem starting with DuckDB 1.4.0. There are a few issues related to this implementation. The DuckDB can fall back to an insecure random number generator pcg32 to generate cryptographic keys or...
CVE-2025-64429
DuckDB is a SQL database management system. DuckDB implemented block-based encryption of DB on the filesystem starting with DuckDB 1.4.0. There are a few issues related to this implementation. The DuckDB can fall back to an insecure random number generator pcg32 to generate cryptographic keys or...
Mindgard Finds Sora 2 Vulnerability Leaking Hidden System Prompt via Audio
AI security firm Mindgard discovered a flaw in OpenAI's Sora 2 model, forcing the video generator to leak…...