MAL-2025-25907 Malicious code in map-core (npm)

The package map-core was found to contain malicious code...

MAL-2025-25910 Malicious code in map-project (npm)

The package map-project was found to contain malicious code...

MAL-2025-21103 Malicious code in g2plot-geo-world-map (npm)

The package g2plot-geo-world-map was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

IdMap::from_iter may lead to uninitialized memory being freed on drop

Due to a flaw in the constructor idmap::IdMap::fromiter, ill-formed objects may be created in which the amount of actually initialized memory is less than what is expected by the fields of IdMap. Specifically, the field ids is initialized based on the capacity of the vector values, which is...

CVE-2025-52732

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RealMag777 GMap Targeting gmap-targeting allows PHP Local File Inclusion.This issue affects GMap Targeting: from n/a through = 1.1.6...

CVE-2025-54669

CVE-2025-54669 concerns WordPress MapSVG. The connected sources confirm an SQL Injection vulnerability in MapSVG, caused by improper neutralization of special elements in SQL commands. Affected software: MapSVG (WordPress plugin) versions before 8.7.4. Reported by multiple sources, including Patc...

CVE-2025-52732

The CVE-2025-52732 entry concerns the WordPress Google Map Targeting plugin (versions up to 1.1.6) with an authenticated Local File Inclusion (LFI) vulnerability via improper control of include/require filenames. Public references corroborate LFI risk in Google Map Targeting 1.1.6. Monitor for f...

CVE-2025-52732 WordPress Google Map Targeting Plugin <= 1.1.6 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RealMag777 GMap Targeting gmap-targeting allows PHP Local File Inclusion.This issue affects GMap Targeting: from n/a through = 1.1.6...

CVE-2025-52732 WordPress Google Map Targeting Plugin <= 1.1.6 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RealMag777 Google Map Targeting allows PHP Local File Inclusion. This issue affects Google Map Targeting: from n/a through 1.1.6...

WordPress plugin Google Map Targeting 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

PT-2025-33212 · Unknown · Realmag777 Google Map Targeting

Name of the Vulnerable Software and Affected Versions: RealMag777 Google Map Targeting versions through 1.1.6 Description: This issue involves an improper control of filename for include/require statements in PHP programs, specifically a PHP Local File Inclusion in RealMag777 Google Map Targeting...

PT-2025-34572 · Crates.Io · Id-Map

Due to a flaw in the constructor id map::IdMap::from iter, ill-formed objects may be created in which the amount of actually initialized memory is less than what is expected by the fields of IdMap. Specifically, the field ids is initialized based on the capacity of the vector values, which is...

CVE-2025-8568

The CVE-2025-8568 entry relates to the WordPress GMap Generator (Venturit) plugin, with a Stored Cross-Site Scripting vulnerability in the h parameter affecting all versions up to 1.1. The root cause is insufficient input sanitization and output escaping, allowing authenticated attackers with Con...

WordPress esri-map-view cross-site scripting vulnerability

WordPress esri-map-view is used to embed Esri/ArcGIS maps or scenes in websites. The plugin realizes map display through short code, supports selecting base map, setting initial view angle, adding custom layers, pop-up information window and other functions, and can embed preconfigured web maps o...

Linux Distros Unpatched Vulnerability : CVE-2024-35902

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/rds: fix possible cp null dereference cp might be null, calling cp-cpconn would produce...

Linux Distros Unpatched Vulnerability : CVE-2025-38202

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Check rcureadlocktraceheld in bpfmaplookuppercpuelem bpfmaplookuppercpuelem helper is also available for sleepable bpf program. When BPF JIT is disabled or...

SUSE SLES12 Security Update : zabbix (SUSE-SU-2025:02746-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02746-1 advisory. - CVE-2024-42333: Fixed buffer over-read for broken UTF8 mail data injection. bsc1233834 - CVE-2024-22117: Fixed a bug that can cause the map...

Linux Distros Unpatched Vulnerability : CVE-2025-38300

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: sun8i-ce-cipher - fix error handling in sun8icecipherprepare Fix two DMA cleanup issues on the error path in sun8icecipherprepare: 1 If dmamapsg fails f...

Linux Distros Unpatched Vulnerability : CVE-2022-49436

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: powerpc/paprscm: Fix leaking nvdimmeventsmap elements Right now 'char ' elements allocated f...

Linux Distros Unpatched Vulnerability : CVE-2024-58094

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jfs: add check read-only before truncation in jfstruncatenolock Added a check for read-only mode in the jfstruncatenolock function to avoid errors related to...