88 matches found
WordPress plugin WP shop 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...
PYSEC-2025-195
A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstmcell. The manipulation leads to memory corruption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used...
WordPress WP Service Payment Form With Authorize.net Plugin <= 2.6.0 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability
CSRF to Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin WP Service Payment Form With Authorize.net versions = 2.6.0...
PT-2025-49260
Name of the Vulnerable Software and Affected Versions urllib3 versions 1.24 through 2.5.9 Description urllib3 is a user-friendly HTTP client library for Python. In versions starting from 1.24 and prior to 2.6.0, the decompression chain had an unbounded number of links. This allowed a malicious...
UBUNTU-CVE-2024-28882
OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session...
BELL-CVE-2022-2602 CVE-2022-2602 does not affect BellSoft software
Bulletin has no description...
PaddlePaddle Operating System Command Injection Vulnerability
PaddlePaddle is an independent R&D deep learning platform open-sourced by China's PaddlePaddle. PaddlePaddle 2.6.0 version of the previous security vulnerability, the vulnerability stems from may lead to remote code execution vulnerability...
CVE-2023-48967
Ssolon = 2.6.0 and =2.5.12 is vulnerable to Deserialization of Untrusted Data...
Netgate pfSense CE Security Vulnerability
Netgate pfSense CE is a free and open source FreeBSD-based firewall and router software. A security vulnerability exists in Netgate pfSense CE version 2.6.0, which stems from the vulnerability to receive an unrate-limited attack that allows an attacker to create multiple malicious users in the...
WordPress Plugin Ultimate Member 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
J2eeFAST 跨站脚本漏洞
J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free backend framework platform . A cross-site scripting vulnerability exists in J2eeFAST version 2.6.0 and earlier versions. An attacker can exploit this...
CLSA-2023-1676571549 Update of nss
Update to CKBI 2.60 from NSS 3.86 - Removed: - Certificate "Camerfirma Global Chambersign Root" - Certificate "Cybertrust Global Root" - Certificate "DST Root CA X3" - Certificate "EC-ACC" - Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2" - Certificate "GlobalSign Root CA - R2" -...
SUSE CVE-2021-37635
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of sparse reduction operations in TensorFlow can trigger accesses outside of bounds of heap allocated data. The implementation fails to validate that each reduction group does not overfl...
SUSE CVE-2021-37642
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.ResourceScatterDiv is vulnerable to a division by 0 error. The implementation uses a common class for all binary operations but fails to treat the division by 0 case...
SUSE CVE-2021-37687
TensorFlow is an end-to-end open source platform for machine learning. In affected versions TFLite's GatherNd implementation does not support negative indices but there are no checks for this situation. Hence, an attacker can read arbitrary data from the heap by carefully crafting a model with...
SUSE CVE-2021-37690
TensorFlow is an end-to-end open source platform for machine learning. In affected versions when running shape functions, some functions such as MutableHashTableShape produce extra output information in the form of a ShapeAndType struct. The shapes embedded in this struct are owned by an inferenc...
PT-2023-14940 · WordPress · Real Testimonials
Name of the Vulnerable Software and Affected Versions: The Real Testimonials WordPress plugin versions prior to 2.6.0 Description: The issue arises from the plugin's failure to validate and escape some of its shortcode attributes before outputting them back in the page. This could allow users wit...
Vulnerability fixed in pfSense
NetGate has fixed a vulnerability in pfSense versions lower than and equal to 2.5.2. A malicious person with user privileges within the same network is able to write arbitrary code to the system. Due to the lack of Cross-Site Request Forgery Protection CSRF on the vulnerable system, it is possibl...
alwakeupword (=1.0.0), armadillin (>=0.0.2 <=0.53.0) +42 more potentially affected by CVE-2022-21725 via tensorflow (>=2.6.0 <=2.6.2)
tensorflow PYPI version =2.6.0, =0.0.2, =1.0.1, =0.0.9, =0.2.0, =4.4.0, =1.1.2, =0.2.0, =0.0.1, =1.0.0, =1.1.2 - imgtovar =0.8.5 and more Source cves: CVE-2022-21725 Source advisory: OSV:GHSA-V3F7-J968-4H5F...
alwakeupword (=1.0.0), armadillin (>=0.0.2 <=0.53.0) +42 more potentially affected by CVE-2022-23584 via tensorflow (>=2.6.0 <=2.6.2)
tensorflow PYPI version =2.6.0, =0.0.2, =1.0.1, =0.0.9, =0.2.0, =4.4.0, =1.1.2, =0.2.0, =0.0.1, =1.0.0, =1.1.2 - imgtovar =0.8.5 and more Source cves: CVE-2022-23584 Source advisory: OSV:GHSA-24X4-6QMH-88QG...