CVE-2026-28793

Tina is a headless content management system. Prior to 2.1.8, the TinaCMS CLI development server exposes media endpoints that are vulnerable to path traversal, allowing attackers to read and write arbitrary files on the filesystem outside the intended media directory. When running tinacms dev, th...

CVE-2023-5218

Use after free in Site Isolation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

CVE-2025-32519

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeAtelier IDonate allows PHP Local File Inclusion. This issue affects IDonate: from n/a through 2.1.8...

CVE-2025-21879

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free on inode when scanning root during em shrinking At btrfsscanroot we are accessing the inode's root and fsinfo in a call to btrfsfsclosing after we have scheduled the inode for a delayed iput, and that ca...

WordPress plugin Enter Addons 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...

CVE-2021-21835

creationtimestamp| type| source ---|---|--- 2021-08-25 22:25:54+00:00| seen| https://t.me/cibsecurity/27877...

CVE-2008-5218

creationtimestamp| type| source ---|---|--- 2008-11-17 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/7140...