EUVD-2026-9684

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Foodie foodie allows PHP Local File Inclusion.This issue affects Foodie: from n/a through = 1.14...

PT-2026-23397

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Midi midi allows PHP Local File Inclusion.This issue affects Midi: from n/a through = 1.14...

MiracleLinux 7 : rh-nginx114-nginx-1.14.1-1.1.0.1.el7.AXS7, rh-nginx114-1.14-6.el7 (AXSA:2021-1753:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1753:01 advisory. HTTP/2: large amount of data request leads to denial of service CVE-2019-9511 HTTP/2: flood using PRIORITY frames resulting in excessive resource...

CVE-2025-63004 WordPress All in One Accessibility plugin <= 1.15 - Broken Access Control vulnerability

Missing Authorization vulnerability in Skynet Technologies USA LLC All in One Accessibility all-in-one-accessibility allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects All in One Accessibility: from n/a through = 1.15...

WordPress plugin All in One Accessibility 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2025-54383

Missing Authorization vulnerability in Skynet Technologies USA LLC All in One Accessibility allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects All in One Accessibility: from n/a through 1.14...

EUVD-2007-0541

Malware in sbrugna...

EUVD-2002-0284

Malware in sbrugna...

EUVD-2024-52332

Malicious code in bioql PyPI...

EUVD-2022-5385

Malicious code in bioql PyPI...

CVE-2025-57901

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DAEXT Import Markdown allows Stored XSS. This issue affects Import Markdown: from n/a through 1.14...

CVE-2025-57901

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-57901

CVE-2025-57901 is listed in connected sources as relating to Import Markdown – Versatile Markdown Importer for WordPress. The connected entry indicates a vulnerability described as an authenticated (Contributor+) Stored Cross-Site Scripting (XSS) via the Markdown import process. In practical term...

PT-2025-39011

Name of the Vulnerable Software and Affected Versions DAEXT Import Markdown versions through 1.14 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a Stored Cross-Site Scripting XSS condition. This allows an attacker to...

CVE-2025-9493

CVE-2025-9493 describes a Stored Cross-Site Scripting vulnerability in the WordPress plugin Admin Menu Editor. The root cause is insufficient input sanitization and output escaping for the placeholder parameter, enabling an authenticated attacker with Author-level access or higher to inject scrip...

WordPress Admin Menu Editor plugin <= 1.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via placeholder Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via placeholder Parameter vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Admin Menu Editor versions = 1.14...

WordPress Toggles Shortcode and Widget plugin <= 1.14 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Toggles Shortcode and Widget versions = 1.14...

SUSE CVE-2025-55763

Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 latest allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of...

Linux Distros Unpatched Vulnerability : CVE-2017-12067

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Potrace 1.14 has a heap-based buffer over-read in the interpolatecubic function in mkbitmap.c. CVE-2017-12067 Note that Nessus relies on the presence of the...

Linux Distros Unpatched Vulnerability : CVE-2018-1002102

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server...