WordPress Additional Custom Product Tabs for WooCommerce Plugin <= 1.7.3 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Additional Custom Product Tabs for WooCommerce versions = 1.7.3...

AZL-52902 CVE-2024-49938 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9khtc: Use skbsetlength for resetting urb before resubmit Syzbot points out that skbtrim has a sanity check on the existing length of the skb, which can be uninitialised in some error paths. The intent here is clearly ju...

WordPress CM Pop-Up Banners for WordPress plugin < 1.7.3 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Eunho Kim in WordPress Plugin CM Pop-Up banners versions 1.7.3...

Wings 后置链接漏洞

Wings is the server control interface for Pterodactyl Panel. A backlink vulnerability exists in Wings v1.7.x prior to v1.7.3, and v1.11.x prior to v1.11.3, which stems from the ability to create new files and directory structures on the host system that did not previously exist, potentially...

CVE-2022-31173 Juniper is vulnerable to @DOS GraphQL Nested Fragments overflow

Juniper is a GraphQL server library for Rust. Affected versions of Juniper are vulnerable to uncontrolled recursion resulting in a program crash. This issue has been addressed in version 0.15.10. Users are advised to upgrade. Users unable to upgrade should limit the recursion depth manually...

CVE-2016-9315

Privilege Escalation Vulnerability in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance IWSVA version 6.5-SP2BuildLinux1707 and earlier allows authenticated, remote users with least privileges to change Master Admin's password and/or ad...