25 matches found
FreePBX trust management vulnerability
FreePBX is a set of tools from the FreePBX project that allows configuration of Asterisk, an IP telephony system, through a web-based graphical user interface (GUI). Versions of FreePBX prior to 15.0.42, 16.0.45, and 17.0.7 contained a trust management vulnerability. This vulnerability stemmed from the...
WWBN AVideo information disclosure vulnerability
WWBN AVideo is a video platform building system written in PHP, developed by the WWBN team. Versions of WWBN AVideo prior to version 29 contain an information leakage vulnerability. This vulnerability arises because unverified users can read the APISecret from objects/plugins.json.php and use it ...
Outline security vulnerability
Outline is an open-source knowledge base developed by Outline. Versions of Outline prior to 1.7.0 contained security vulnerabilities. These vulnerabilities stemmed from the shares.create API, which accepted both collectionId and documentId. When published=false was set, only read access for each...
Anviz CX7 and Anviz CX2 Lite security vulnerability
Both Anviz CX7 and Anviz CX2 Lite are products of the American company Anviz. The Anviz CX7 is a smart terminal device integrated with biometric identification and access control functions. The Anviz CX2 Lite is also a smart terminal device that integrates face recognition and access control...
Beszel security vulnerability
Beszel is a lightweight server monitoring center developed by an individual developer, Hank. Versions of Beszel prior to 0.18.7 contained security vulnerabilities. These vulnerabilities stemmed from the lack of verification of users’ access rights to system IDs through certain API endpoints,...
Sage DPW security vulnerability
Sage DPW is a human resources system developed by the British company Sage. Version Sage DPW 202506004 contains security vulnerabilities. These vulnerabilities stem from non-default configurations that allow unverified access to diagnostic endpoints, potentially exposing sensitive information suc...
Dell PowerScale OneFS security vulnerabilities
Dell PowerScale OneFS is an operating system developed by the American company Dell. It provides a horizontally scalable NAS solution through the PowerScale OneFS operating system. Versions of Dell PowerScale OneFS prior to 9.13.0.0 contained a security vulnerability. This vulnerability stemmed...
Oracle Siebel CRM security vulnerabilities
Oracle Siebel CRM is a customer relationship management solution developed by Oracle Corporation in the United States. This solution includes modules for sales management, marketing management, customer service systems, and call centers. There were security vulnerabilities in the Siebel CRM...
CVE-2023-40667
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Lasso Simple URLs plugin <= 117 versions...
CVE-2022-0651
The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the currentpagetype parameter found in the /includes/class-wp-statistics-hits.php file which allows attackers without authentication to inject arbitrary SQL queries to obtain...
CVE-2025-52079
CVE-2025-52079 concerns the D-Link DIR-820L router (firmware version 1.06B02). The Red Hat and NVD/CNVD entries describe an improper access control in the administrator password setting that allows an unauthenticated user to trigger an unauthenticated password change by sending a crafted POST req...
EUVD-2020-29918
Malware in sbrugna...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from unverified cgx and lmac access, which could cause the kernel to crash...
CVE-2019-2622
Vulnerability in the Oracle Service Contracts component of Oracle E-Business Suite (subcomponent: Renewals). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with...
WordPress plugin WP Dashboard Notes security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
PT-2025-26085 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability in the Linux kernel has been identified where the ima_get_kexec_buffer function does not check if the previous kernel's ima-kexec-buffer lies outside the addressable...
WordPress occupancyplan plugin <= 1.0.3.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross Site Request Forgery (CSRF) to Stored XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin occupancyplan (versions <= 1.0.3.0)...
CVE-2025-43918
SSL.com before 2025-04-19, when domain validation method 3.2.2.4.14 is used, processes certificate requests such that a trusted TLS certificate may be issued for the domain name of a requester's email address, even when the requester does not otherwise establish administrative control of that...
WordPress Brizy Pro plugin <= 2.6.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by Rafie Muhammad (Patchstack) in WordPress Plugin Brizy Pro (versions <= 2.6.1)...
WordPress OwnerRez Plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin OwnerRez API (versions <= 1.2.0)...