5 matches found
CVE-2025-69098
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpWave Hide My WP hidemywp allows Reflected XSS.This issue affects Hide My WP: from n/a through = 6.2.12...
Cross-site Request Forgery (CSRF)
Overview org.springframework:spring-websocket is a framework that provides a comprehensive programming and configuration model for modern Java-based enterprise applications - on any kind of deployment platform. Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF vi...
DedeBIZ Code Issue Vulnerability
DedeBIZ is a content management system from the Chinese company Muyun Intelligent Technology DedeBIZ. A code issue vulnerability exists in Muyun DedeBIZ versions prior to 6.2.12, which stems from the component Add Attachment Handler that causes unrestricted uploads...
DEBIAN-CVE-2023-38409
An issue was discovered in setcon2fbmap in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbconregisteredfb and fbcondisplay arrays can be desynchronized in fbconmodedeleted the con2fbmap points at the old fbinfo...
AZL-25674 CVE-2023-28425 affecting package redis for versions less than 6.2.12-1
Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10...