CVE-2025-13983

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Cross-Site Scripting XSS.This issue affects Tagify: from 0.0.0 before 1.2.44...

CVE-2025-13983 Tagify - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-121

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Cross-Site Scripting XSS.This issue affects Tagify: from 0.0.0 before 1.2.44...

CVE-2025-10003

The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘uploadfileremove’ function and 'htmlvar' parameter in all versions up to, and including, 1.2.44 due to insufficient...

CVE-2025-10003

The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘uploadfileremove’ function and 'htmlvar' parameter in all versions up to, and including, 1.2.44 due to insufficient...

WordPress UsersWP plugin <= 1.2.44 - Authenticated (Subscriber+) SQL Injection vulnerability

Authenticated Subscriber+ SQL Injection vulnerability discovered by Nguyen Ngoc Quang Bach maysbachs in WordPress Plugin UsersWP versions = 1.2.44...

PT-2025-36344

Name of the Vulnerable Software and Affected Versions: UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress versions through 1.2.44 Description: The UsersWP plugin for WordPress is susceptible to a time-based SQL Injection issue due to...

DEBIAN-CVE-2025-46825

Kanboard is project management software that focuses on the Kanban methodology. Versions 1.2.26 through 1.2.44 have a Stored Cross-Site Scripting XSS Vulnerability in the name parameter of the http://localhost/?controller=ProjectCreationController&action=create form. This vulnerability allows...

[SECURITY] [DLA 343-1] libpng security update

Package : libpng Version : 1.2.44-1+squeeze5 CVE ID : CVE-2012-3425 CVE-2015-7981 CVE-2015-8126 CVE-2015-7981 Added a safety check in pngsettIME Bug report from Qixue Xiao. CVE-2015-8126 Multiple buffer overflows in the 1 pngsetPLTE and 2 pnggetPLTE functions in libpng before 1.0.64, 1.1.x and...

AZL-43975 CVE-2010-1205 affecting package libpng12 1.2.57-16

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row...

Critical Holes Closed in PNG Image Library

Updates 1.2.44 and 1.4.3 for the official open source reference library libpng have been released to close security holes. Read the full article. The H Security...