25 matches found
EUVD-2026-36993
Subscriber Sensitive Data Exposure in WP SMS = 7.2.1 versions...
CVE-2023-25956
Generation of Error Message Containing Sensitive Information vulnerability in the Apache Airflow AWS Provider. This issue affects Apache Airflow AWS Provider versions before 7.2.1...
Pegasystem Pega Platform Security Vulnerability
Pegasystem Pega Platform is a suite of application development platforms from the American company Pegasystem. The platform is used to develop applications such as BPM Business Process Management, Case Management, Real-Time Decision Making and CRM Customer Relationship Management. A security...
CVE-2023-37933
An improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability CWE-79 in FortiADC GUI version 7.4.0, 7.2.0 through 7.2.1 and before 7.1.3 allows an authenticated attacker to perform an XSS attack via crafted HTTP or HTTPs requests...
PT-2025-2191 · WordPress · Gamipress
Name of the Vulnerable Software and Affected Versions: GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress versions up to, and including, 7.2.1 Description: The issue is related to arbitrary shortcode execution via the gamipress_do_shortcode function. This ...
SUSE CVE-2019-11578
auth.c in dhcpcd before 7.2.1 allowed attackers to infer secrets by performing latency attacks...
PT-2024-25283 · Fortinet · Fortiweb
Name of the Vulnerable Software and Affected Versions: FortiWeb versions 6.3 through 7.2.1 FortiWeb version 7.0 Description: An improper certificate validation issue may allow a remote and unauthenticated attacker in a Man-in-the-Middle position to decipher and/or tamper with the communication...
PT-2024-13136 · Couchbase · Couchbase Server
Name of the Vulnerable Software and Affected Versions: Couchbase Server versions 6.6.x through 7.2.0 Description: An issue was discovered in Couchbase Server where unauthenticated users may cause memcached to run out of memory via large commands. Recommendations: For Couchbase Server versions 6.6...
Couchbase Server Security Vulnerability
Couchbase Server is a distributed, open source NoSQL non-relational database from Couchbase, Inc. that supports data querying, full-text searching, and active global replication. A security vulnerability exists in Couchbase Server versions prior to 7.1.5 and prior to 7.2.1, which stems from the...
VulnCheck KEV: CVE-2021-21389
BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in...
CVE-2023-33304
A use of hard-coded credentials vulnerability in Fortinet FortiClient Windows 7.0.0 - 7.0.9 and 7.2.0 - 7.2.1 allows an attacker to bypass system protections via the use of static credentials...
Couchbase Server Security Vulnerability
Couchbase Server is a distributed, open source NoSQL non-relational database from Couchbase, Inc. that supports data querying, full-text searching, and active global replication. A security vulnerability exists in Couchbase Server that stems from the presence of a directory traversal vulnerabilit...
SUSE CVE-2023-41053
Redis is an in-memory database that persists on disk. Redis does not correctly identify keys accessed by SORT_RO and as a result may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. The problem exists in Redis 7.0 or newer and has been...
WordPress Theme WoodMart Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress theme is a theme for WordPress. A cross-site scripting vulnerability exists in WordPress Theme WoodMart 7.2.1 and earlier...
SiteServer CMS Cross-Site Scripting Vulnerability
SiteServer CMS is an open-source content management system CMS from China's BioRenewable Software Technology Development Company. A cross-site scripting vulnerability exists in SiteServer CMS version 7.2.1 and prior versions, which stems from cross-site scripting due to incorrect manipulation of...
CVE-2022-45861
An access of uninitialized pointer vulnerability CWE-824 in the SSL VPN portal of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.11 and FortiProxy version 7.2.0 through 7.2.1, version 7.0.0 through 7.0.7 and before 2.0.11 allows a remote authenticated...
Varnish Cache Environment Issue Vulnerability
Varnish Cache is a set of reverse web caching servers. An environment issue vulnerability exists in Varnish Cache version 7.x up to and including version 7.1.2, and version 7.2.x up to and including version 7.2.1. An attacker exploits this vulnerability to bypass host routing requests in the VCL...
CVE-2022-29721
creationtimestamp | type | source
---|---|---
2022-05-26 16:14:08+00:00 | seen | https://t.me/cibsecurity/43373...
TYPO3 Code Issue Vulnerability
TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Typo3 Association. A server-side request forgery vulnerability exists in TYPO3 versions prior to 7.2.1, which stems from a failure to check the legitimacy of a request. An attacker can exploit this...
PT-2020-13124 · Grafana +4 · Grafana +4
Name of the Vulnerable Software and Affected Versions: Grafana versions 6.0.0 through 6.3.6 Grafana versions prior to 7.2.1 Description: The configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml are world readable, containing a secret key and a bind password. Recommendations: Fo...