7 matches found

Vulnrichment
added 2026/01/09 4:31 a.m. | 1 view

CVE-2025-14886 Japanized for WooCommerce <= 2.7.17 - Missing Authorization to Unauthenticated Order Status Modification

The Japanized for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the order REST API endpoint in all versions up to, and including, 2.7.17. This makes it possible for unauthenticated attackers to mark any WooCommerce order a...

5.3 CVSS | 5 AI score | 0.00027 EPSS
Exploits: 0 | References: 2

Vulnrichment
added 2025/12/15 2:25 p.m. | 7 views

CVE-2025-14156 Fox LMS – WordPress LMS Plugin 1.0.4.7 - 1.0.5.1 - Unauthenticated Privilege Escalation via 'createOrder'

The Fox LMS – WordPress LMS Plugin plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.5.1. This is due to the plugin not properly validating the 'role' parameter when creating new users via the /fox-lms/v1/payments/create-order REST API endpoint...

9.8 CVSS | 6 AI score | 0.00356 EPSS
Exploits: 1 | References: 2

CNNVD
added 2022/10/17 12:00 a.m. | 2 views

Security vulnerability in multiple TRUMPF products

TRUMPF TruTops and others are TRUMPF products. TRUMPF TruTops is TRUMPF Oseon is an integrated solution for production and material flow control. TRUMPF Job Order Interface is a software job order interface. A security vulnerability exists in several TRUMPF products that stems from the use of defau...

9.8 CVSS | 8.2 AI score | 0.00363 EPSS
Exploits: 0 | References: 2

OSV
added 2021/12/03 8:52 p.m. | 13 views

GHSA-J96P-R523-8R3W HTTP Request Smuggling in github.com/hyperledger/fabric

A vulnerability has been detected in HyperLedger Fabric v1.4.0, v2.0.0, v2.0.1, v2.3.0. It can easily break down as many orderers as the attacker wants. This bug can be leveraged by constructing a message whose header is invalid to the interface Order. This bug has been admitted and fixed by the...

7.5 CVSS | 7.4 AI score | 0.00468 EPSS
Exploits: 0 | References: 5

OSV
added 2021/11/18 4:15 p.m. | 14 views

CVE-2021-43669

A vulnerability has been detected in HyperLedger Fabric v1.4.0, v2.0.0, v2.0.1, v2.3.0. It can easily break down as many orderers as the attacker wants. This bug can be leveraged by constructing a message whose header is invalid to the interface Order. This bug has been admitted and fixed by the...

7.5 CVSS | 6.7 AI score
Exploits: 0 | References: 2

Cvelist
added 2021/11/18 3:05 p.m. | 11 views

CVE-2021-43669

A vulnerability has been detected in HyperLedger Fabric v1.4.0, v2.0.0, v2.0.1, v2.3.0. It can easily break down as many orderers as the attacker wants. This bug can be leveraged by constructing a message whose header is invalid to the interface Order. This bug has been admitted and fixed by the...

7.6 AI score | 0.00468 EPSS
Exploits: 0 | References: 2

CNNVD
added 2021/11/18 12:00 a.m. | 3 views

Hyperledger Fabric environment issue vulnerability

Hyperledger Fabric is an enterprise licensed distributed ledger framework. It is used for developing solutions and applications. A security vulnerability exists in HyperLedger Fabric v1.4.0, v2.0.0, v2.0.1, v2.3.0, which can be exploited by an attacker by constructing a message whose header is...

7.5 CVSS | 7.3 AI score | 0.00468 EPSS
Exploits: 0 | References: 3