4441 matches found
UBUNTU-CVE-2025-55752
Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the...
EUVD-2025-36224
Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the...
CVE-2025-10023 A user with elevated privileges can inject XSS in the Services Meta-services configuration page
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring Services Meta-services modules allows Stored XSS by users with elevated privileges.This issue affects Infra Monitoring: from 24.10.0 before 24.10.9, from 24.04.0...
CVE-2025-10023 A user with elevated privileges can inject XSS in the Services Meta-services configuration page
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring Services Meta-services modules allows Stored XSS by users with elevated privileges.This issue affects Infra Monitoring: from 24.10.0 before 24.10.9, from 24.04.0...
CVE-2025-10023
Centreon Infra Monitoring (Services Meta-services modules) exposes a Stored XSS in Web Page Generation due to improper input neutralization. Affected versions include 23.10.0–23.10.26, 24.04.0–24.04.16, and 24.10.0–24.10.9. The issue requires elevated privileges and user interaction to exploit, w...
EUVD-2025-35981
Missing Authorization vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MDTF: from n/a through = 1.3.4...
CVE-2025-62928
Missing Authorization vulnerability in Joby Joseph SEO Meta Description Updater seo-meta-description-updater allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEO Meta Description Updater: from n/a through = 1.2.0...
CVE-2025-62964 WordPress MDTF plugin <= 1.3.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MDTF: from n/a through = 1.3.6...
CVE-2025-62964
CVE-2025-62964 refers to a Missing Authorization vulnerability in the WordPress plugin MDTF (RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter). Connected sources indicate the flaw affects MDTF versions up to 1.3.6 (and possibly earlier) and arises from broken access control/security level ...
CVE-2025-62928 WordPress SEO Meta Description Updater plugin <= 1.2.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Joby Joseph SEO Meta Description Updater seo-meta-description-updater allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEO Meta Description Updater: from n/a through = 1.2.0...
CVE-2025-62928
CVE-2025-62928 relates to a Missing Authorization issue in WordPress plugin SEO Meta Description Updater (versions n/a to 1.2.0). The vulnerability is described as Broken Access Control allowing exploitation due to incorrectly configured access levels. Public sources in the Connected documents (N...
WordPress plugin SEO Meta Description Updater Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-43967
Name of the Vulnerable Software and Affected Versions Centreon Infra Monitoring versions 23.10.0 through 23.10.26 Centreon Infra Monitoring versions 24.04.0 through 24.04.16 Centreon Infra Monitoring versions 24.10.0 through 24.10.9 Description The software contains an Improper Neutralization of...
PT-2025-43836
Missing Authorization vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MDTF: from n/a through = 1.3.4...
[SECURITY] Fedora 42 Update: golang-github-facebook-time-0^20251021gite970944-1.fc42
Meta's Time libraries...
[SECURITY] Fedora 41 Update: golang-github-facebook-time-0^20251021gite970944-1.fc41
Meta's Time libraries...
Malicious code in meta-service-boost-90s (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-48852 Malicious code in meta-service-boost-90s (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in meta-api-boostx-v2-pro (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-48851 Malicious code in meta-api-boostx-v2-pro (npm)
--- -= Per source details. Do not edit below this line.=-...