14 matches found
EUVD-2026-20115
The Sports Club Management plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'before' and 'after' attributes of the scmmemberdata shortcode in all versions up to, and including, 1.12.9 due to insufficient input sanitization and output escaping. This makes it possible for...
WordPress Sports Club Management plugin <= 1.12.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'before' Attribute vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via 'before' Attribute vulnerability discovered by zaim in WordPress Plugin Sports Club Management versions <= 1.12.9...
PT-2026-31101
The Sports Club Management plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'before' and 'after' attributes of the scm member data shortcode in all versions up to, and including, 1.12.9 due to insufficient input sanitization and output escaping. This makes it possible for...
PT-2024-2946
Name of the Vulnerable Software and Affected Versions: Flatpak versions prior to 1.10.9; Flatpak versions prior to 1.12.9; Flatpak versions prior to 1.14.6; Flatpak versions prior to 1.15.8. Description: The issue is related to a sandbox escape vulnerability in Flatpak, which is a system for building,...
WordPress Plugin WP ERP Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
PT-2024-15685 · WordPress · Wp Erp
Name of the Vulnerable Software and Affected Versions: The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress versions up to, and including, 1.12.9. Description: The issue is related to union-based SQL Injection via the email parameter...
PT-2023-26086 · Hashicorp · Vault Enterprise
Name of the Vulnerable Software and Affected Versions: Vault Enterprise versions prior to 1.14.1; Vault Enterprise versions prior to 1.13.5; Vault Enterprise versions prior to 1.12.9. Description: An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash,...
CVE-2023-30851
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. This issue only impacts users who have an HTTP policy that applies to multiple toEndpoints AND have an allow-all rule in place that affects only one of those endpoints. In such cases, a wildcard rule will be...
CVE-2019-11246
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is...
Security update for go1.12 (moderate)
openSUSE Security Update: Security update for go1.12. Announcement ID: openSUSE-SU-2019:2085-1. Rating: moderate. References: 1139210, 1141689, 1146111, 1146115, 1146123. Cross-References: CVE-2019-14809, CVE-2019-9512, CVE-2019-9514. Affected Products: openSUSE Leap 15.1. An update that solves three...
Wireshark Multiple Denial-of-Service Vulnerabilities-03 (Jan 2016) - Windows
Wireshark is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE =...
Wireshark AllJoyn Parser Denial of Service Vulnerability
Wireshark is the most popular network protocol parser. Wireshark version 1.12.x prior to 1.12.9, epan/dissectors/packet-alljoyn.c in the AllJoyn parser fails to check for null parameters, which can be exploited by remote attackers to cause a denial of service (infinite loop) via a constructed packe...
UBUNTU-CVE-2015-8730
epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet...
CVS < 1.11.17, 1.12.x < 1.12.9 Multiple Vulnerabilities
CVS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2004 David Maciejak. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:cvs:cvs"; ifdescription...