387 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-14295
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Integer overflow in the getElfSections function in pvmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service crash via a skewed offset...
Linux Distros Unpatched Vulnerability : CVE-2023-52776
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dfs-radar and temperature event locking The ath12k active pdevs are...
CVE-2025-53643
CVE-2025-53643 (aiohttp) : Prior to 3.12.14, the Python parser is vulnerable to HTTP request smuggling due to not parsing trailer sections. If a pure-Python build (no C extensions) or AIOHTTP_NO_EXTENSIONS is used, an attacker may smuggle requests to bypass certain firewalls/proxy protections. Th...
GHSA-9548-QRRJ-X5PJ AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections
Summary The Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. Impact If a pure Python version of aiohttp is installed i.e. without the usual C extensions or AIOHTTPNOEXTENSIONS is enabled, then an attacker may be able to execu...
CVE-2024-44083
ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps linked, and the final jump corresponds to the payload from where the actual entry point will be invoked. NOTE: in many use cases, this is an inconvenience but not a security issue...
CVE-2024-50983
FlightPath 7.5 contains a Cross Site Scripting XSS vulnerability, which allows authenticated remote attackers with administrative rights to inject arbitrary JavaScript in the web browser of a user by including a malicious payload into the Last Name section in the Create/Edit Faculty/Staff User or...
CVE-2023-50722
XWiki Platform is a generic wiki platform. Starting in 2.3 and prior to versions 14.10.15, 15.5.2, and 15.7-rc-1, there is a reflected XSS or also direct remote code execution vulnerability in the code for displaying configurable admin sections. The code that can be passed through a URL parameter...
CVE-2025-39410
Deserialization of Untrusted Data vulnerability in themegusta Smart Sections Theme Builder - WPBakery Page Builder Addon.This issue affects Smart Sections Theme Builder - WPBakery Page Builder Addon: from n/a through 1.7.8...
CVE-2025-39410
Deserialization of Untrusted Data vulnerability in themegusta Smart Sections Theme Builder - WPBakery Page Builder Addon.This issue affects Smart Sections Theme Builder - WPBakery Page Builder Addon: from n/a through 1.7.8...
CVE-2025-39410 WordPress Smart Sections Theme Builder - WPBakery Page Builder Addon plugin <= 1.7.8 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in themegusta Smart Sections Theme Builder - WPBakery Page Builder Addon.This issue affects Smart Sections Theme Builder - WPBakery Page Builder Addon: from n/a through 1.7.8...
CVE-2025-39410
CVE-2025-39410 describes a deserialization of untrusted data vulnerability in the WordPress plugin “Smart Sections Theme Builder – WPBakery Page Builder Addon” (versions up to 1.7.8). Public data in the connected documents confirms a PHP Object Injection flaw that affects this addon, with CVSS v3...
CVE-2025-39410 WordPress Smart Sections Theme Builder - WPBakery Page Builder Addon plugin <= 1.7.8 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in themegusta Smart Sections Theme Builder - WPBakery Page Builder Addon.This issue affects Smart Sections Theme Builder - WPBakery Page Builder Addon: from n/a through 1.7.8...
WordPress plugin Smart Sections Theme Builder - WPBakery Page Builder Addon 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. WordPress plugin Smart Sections Theme...
PT-2025-22078 · Unknown · Smart Sections Theme Builder
Name of the Vulnerable Software and Affected Versions: Smart Sections Theme Builder - WPBakery Page Builder Addon versions 1.7.8 and earlier Description: The issue is related to the deserialization of untrusted data in the Smart Sections Theme Builder - WPBakery Page Builder Addon. This could...
Incorrect Authorization
Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Incorrect Authorization due to improper permission checks in the AJAX section delete functionality. An attacker can delete course sections without having the necessary permissions by exploiting this...
UBUNTU-CVE-2025-3644
A flaw was found in Moodle. Additional checks were required to prevent users from deleting course sections they did not have permission to modify...
CVE-2025-3644
CVE-2025-3644 : A flaw in Moodle allows a user to delete course sections without proper modify permissions. The connected sources confirm Moodle as affected, citing insufficient permission checks as the root cause; the available details do not specify affected versions beyond Moodle in general, n...
Moodle 安全漏洞
Moodle is a free e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle, which stems from a lack of a checking mechanism that can be exploited by an attacker to delete sections o...
PT-2025-17919
Name of the Vulnerable Software and Affected Versions Moodle affected versions not specified Description A flaw was found in the software, where additional checks were required to prevent users from deleting course sections they did not have permission to modify. Recommendations At the moment,...
CVE-2025-25615
Unifiedtransform 2.0 is vulnerable to Incorrect Access Control which allows viewing attendance list for all class sections...