2581 matches found
EUVD-2026-38063
The WP Go Maps – Most Popular Map Plugin plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 10.1.01. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers ...
CVE-2017-20271
Joomla StreetGuessr Game 1.1.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the catid parameter. Attackers can send GET requests to index.php with the option=comstreetguess&view=maps parameters a...
CVE-2017-20271
Joomla StreetGuessr Game 1.1.8 is affected by an SQL injection via the catid parameter in index.php when using option=com_streetguess&view=maps. The vulnerability allows unauthenticated attackers to execute arbitrary SQL queries and exfiltrate data such as database version and names. Reported CVS...
EUVD-2017-18998
Joomla StreetGuessr Game 1.1.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the catid parameter. Attackers can send GET requests to index.php with the option=comstreetguess&view=maps parameters a...
CVE-2017-20271 Joomla StreetGuessr Game 1.1.8 SQL Injection via catid
Joomla StreetGuessr Game 1.1.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the catid parameter. Attackers can send GET requests to index.php with the option=comstreetguess&view=maps parameters a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/pagewalk: fixed a race condition between concurrent operations involving splitting PUD entries and refaulting PUD leaf entries. The splitting of a PUD entry in walkpudrange can cause a race with a concurrent thread that refaul...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: BPF: Zeroing allocated objects from slabs in the BPF memory allocator Currently, the freed elements in the BPF memory allocator may be reused immediately. For the htab map, reusing these elements will reinitialize special fields ...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: MIPS: cpuinfo: Fixed a warning for CONFIGCPUMASKOFFSTACK When CONFIGCPUMASKOFFSTACK and CONFIGDEBUGPERCPUMAPS are selected, cpumaxbitswarn generates a runtime warning similar to the following, while we display /proc/cpuinfo. This...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper functions that write to read-only maps Lonial identified an issue where, even when the BPF map on both the user and BPF sides is frozen like in the case of .rodata, it was still possible to write into it from the...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mtd: maps: pxa2xx-flash: fixed a memory leak in the probe function. Added “free ‘info’” upon remapping errors to avoid memory leaks. : Reworded the commit log...
Astra Linux – Vulnerability in Firefox, Thunderbird
After a Garbage Collector compaction, weak maps might have been accessed before they were properly traced. This led to memory corruption and potentially exploitable crashes. This vulnerability affects Firefox 112, Focus for Android 112, Firefox ESR 102.10, Firefox for Android 112, and Thunderbird...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: MIPS: smp: fill in sibling and core maps earlier After enabling CONFIGSCHEDCORE landed during 5.14 cycle, 2-core 2-thread-per-core interAptiv CPS-driven started emitting the following messages: 0.025698 CPU1 revision is:...
Astra Linux – Vulnerability in Zabbix
A stored XSS vulnerability has been detected in the Zabbix web application, specifically in the Maps element, when a URL field contains spaces before the URL...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: UM: cpuinfo: Fixed a warning for CONFIGCPUMASKOFFSTACK When CONFIGCPUMASKOFFSTACK and CONFIGDEBUGPERCPUMAPS are selected, cpumaxbitswarn generates a runtime warning similar to the following, while we display /proc/cpuinfo. This...
WordPress WP Go Maps plugin <= 10.1.01 - Unauthenticated Arbitrary Record Creation vulnerability
Unauthenticated Arbitrary Record Creation vulnerability discovered by Thanh Điềm in WordPress Plugin WP Go Maps versions = 10.1.01...
WordPress MapPress Maps for WordPress plugin <= 2.97.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by l3m3s in WordPress Plugin MapPress Maps for WordPress versions = 2.97.3...
PT-2026-50952
Name of the Vulnerable Software and Affected Versions Joomla StreetGuessr Game version 1.1.8 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. This is achieved by sending GET requests to the 'index.php' endpoint with the parameters option=com...
CVE-2026-10029
The Event Koi Lite – Events Calendar, Event Management, RSVP, and Tickets plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.13.1 via the getevents. This makes it possible for unauthenticated attackers to extract sensitive data including...
EUVD-2026-37841
The Event Koi Lite – Events Calendar, Event Management, RSVP, and Tickets plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.13.1 via the getevents. This makes it possible for unauthenticated attackers to extract sensitive data including...
kernel: libceph: make decode_pool() more resilient against corrupted osdmaps
In the Linux kernel, the following vulnerability has been resolved: libceph: make decodepool more resilient against corrupted osdmaps If the osdmap is maliciously corrupted such that the encoded length of cephpgpool envelope is less than what is expected for a particular encoding version,...