154 matches found
Netiket ApplyLogic security vulnerability
Netiket ApplyLogic is a platform for automating processes from Netiket Turkey. A security vulnerability exists in Netiket ApplyLogic versions 01.12.2025 and earlier, which stems from a user-controllable key leading to an authorization bypass that could exploit trusted identifiers...
WordPress plugin Return Refund and Exchange For WooCommerce security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerabili...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989565)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989565 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - Fix use after free in cc_cipher_exit(). kfree_sensitive(ctx_p->user.key) will free the...
CVE-2025-0987 IDOR in CB Project's CVLand
Authorization Bypass Through User-Controlled Key vulnerability in CB Project Ltd. Co. CVLand allows Parameter Injection. This issue affects CVLand: from 2.1.0 through 20251103. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
EUVD-2023-60054
Anheng Mingyu Operation and Maintenance Audit and Risk Control System up to 2023-08-10 contains a server-side request forgery (SSRF) vulnerability in the xmlrpc.sock handler. The product accepts specially crafted XML-RPC requests that can be used to instruct the server to connect to internal unix...
WordPress plugin Tutor LMS Pro security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security...
EUVD-2025-35509
Authorization Bypass Through User-Controlled Key vulnerability in favethemes Houzez houzez allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Houzez: from n/a through <= 4.1.1...
CVE-2025-49952
Authorization Bypass Through User-Controlled Key vulnerability in favethemes Houzez houzez allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Houzez: from n/a through <= 4.2.5...
PT-2025-43213
Name of the Vulnerable Software and Affected Versions: favethemes Houzez versions through 4.1.1. Description: An authorization bypass exists due to incorrectly configured access control security levels. This allows exploitation through a user-controlled key. Recommendations: Update to a version later...
CVE-2025-8884
Authorization Bypass Through User-Controlled Key vulnerability in VHS Electronic Software Ltd. Co. ACE Center allows Privilege Abuse, Exploitation of Trusted Identifiers. This issue affects ACE Center: from 3.10.100.1768 before 3.10.161.2255...
CVE-2025-43724
Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an authorization bypass through user-controlled key vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to gain unauthorized access to NFSv4 or SMB shares...
CVE-2025-0606 IDOR in Logo Software's Logo Cloud
Authorization Bypass Through User-Controlled Key vulnerability in Logo Software Inc. Logo Cloud allows Forceful Browsing, Resource Leak Exposure. This issue affects Logo Cloud: before 0.67...
Logo Cloud security vulnerability
Logo Cloud is a series of cloud-based services and products from Logo Turkey. A security vulnerability exists in Logo Cloud versions prior to 0.67, which stems from a user-controllable key leading to an authorization bypass that could lead to forced browsing and resource disclosure...
UBUNTU-CVE-2023-53554
In the Linux kernel, the following vulnerability has been resolved: staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext(). The "exc->key_len" is a u16 that comes from the user. If it's over IW_ENCODING_TOKEN_MAX (64) that could lead to memory corruption...
PT-2025-40696
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel related to the ks7010 driver. Specifically, a potential buffer overflow can occur within the ks_wlan_set_encode_ext function. The issue arises because t...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not verifying the length of a user-entered key, which could lead to memory corruption...
EUVD-2025-28646
Malicious code in bioql PyPI...
EUVD-2025-30660
Malicious code in bioql PyPI...
EUVD-2025-14242
Malicious code in bioql PyPI...