EUVD-2026-23373

The Quiz And Survey Master plugin for WordPress is vulnerable to Arbitrary Shortcode Execution in versions up to and including 11.1.0. This is due to insufficient input sanitization and the execution of doshortcode on user-submitted quiz answer text. User-submitted answers pass through...

WordPress plugin Quiz And Survey Master 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

File Inclusion node-tar Dependency in Jira Software Data Center

This High severity File Inclusion vulnerability was introduced in versions 9.15.2, 9.16.0, 9.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.1 of Jira Software Data Center. This File Inclusion vulnerability, with a CVSS Score of 8.2 and a CVS...

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple issues

Summary Multiple vulnerabilities affect IBM Sterling Secure Proxy and are addressed in the latest release and fixpack Vulnerability Details CVEID:CVE-2025-64756 DESCRIPTION: Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the...

Injection cipher-base Dependency in Jira Software Data Center and Server

This High severity Injection vulnerability was introduced in versions 10.3.0, 11.0.0, 11.1.0, and 11.2.0 of Jira Software Data Center and Server. This Injection vulnerability, with a CVSS Score of 9.1 and a CVSS Vector of code:java CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:Hcode allows an...

CVE-2025-36102

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 could allow a privileged user to bypass validation, passing user input into the application as trusted data, due to client-side enforcement of server-side security...

CVE-2025-12914

CVE-2025-12914 affects aaPanel BaoTa Backend, specifically the /database?action=GetDatabaseAccess endpoint. The vulnerability arises from manipulation of the Name parameter, enabling SQL injection. Exploitation is possible remotely, and multiple sources note the vulnerability and that upgrading t...

CVE-2025-12914 aaPanel BaoTa Backend database sql injection

A vulnerability has been found in aaPanel BaoTa up to 11.2.x. This vulnerability affects unknown code of the file /database?action=GetDatabaseAccess of the component Backend. The manipulation of the argument Name leads to sql injection. The attack can be initiated remotely. The exploit has been...

BaoTa SQL注入漏洞

BaoTa is a Linux Ops panel by an individual developer at aapanel.com. A SQL injection vulnerability exists in BaoTa version 11.1.0 and earlier, which stems from incorrect manipulation of the parameter Name in the file /database?action=GetDatabaseAccess, which could lead to a SQL injection attack...

EUVD-2025-23292

Malicious code in bioql PyPI...

CVE-2025-45764

jsrsasign v11.1.0 was discovered to contain weak encryption. NOTE: this issue has been disputed by a third party who believes that CVE IDs can be assigned for key lengths in specific applications that use a library, and should not be assigned to the default key lengths in a library. This dispute ...

PT-2025-32204 · Jsrsasign · Jsrsasign

Name of the Vulnerable Software and Affected Versions: jsrsasign version 11.1.0 Description: jsrsasign version 11.1.0 contains weak encryption. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...

CVE-2025-45764

jsrsasign v11.1.0 was discovered to contain weak encryption. NOTE: this issue has been disputed by a third party who believes that CVE IDs can be assigned for key lengths in specific applications that use a library, and should not be assigned to the default key lengths in a library. This dispute ...

CVE-2025-54832

OPEXUS FOIAXpress Public Access Link PAL, version v11.1.0, allows an authenticated user to add entries to the list of states and territories...

CVE-2025-54832 OPEXUS FOIAXpress Public Access Link (PAL) state and territory list unauthorized modification

OPEXUS FOIAXpress Public Access Link PAL, version v11.1.0, allows an authenticated user to add entries to the list of states and territories...

OPEXUS FOIAXpress Public Access Link（OPEXUS FOIAXpress PAL） 安全漏洞

OPEXUS FOIAXpress Public Access Link OPEXUS FOIAXpress PAL is a secure public-facing web portal from OPEXUS that connects organizations with requesters and integrates with payment solutions, including payment solutions. A security vulnerability exists in OPEXUS FOIAXpress Public Access Link OPEXU...

OPEXUS FOIAXpress Public Access Link 安全漏洞

OPEXUS FOIAXpress Public Access Link OPEXUS FOIAXpress PAL is a secure, public-facing web portal from OPEXUS that connects organizations with requesters and integrates with payment solutions, including payment solutions. A security vulnerability exists in OPEXUS FOIAXpress Public Access Link...

OPEXUS FOIAXpress Public Access Link 安全漏洞

OPEXUS FOIAXpress Public Access Link OPEXUS FOIAXpress PAL is a secure public-facing web portal from OPEXUS that connects organizations with requesters and integrates with payment solutions, including payment solutions. A security vulnerability exists in OPEXUS FOIAXpress Public Access Link versi...

Kaltura Video Platform 安全漏洞

Kaltura Video Platform is a video management and distribution platform from Kaltura Individual Developers in the United States. A security vulnerability exists in Kaltura Video Platform versions prior to 11.1.0-2, which stems from insecure deserialization and could lead to remote code execution...

CVE-2021-37699

Next.js is an open source website development framework to be used with the React library. In affected versions specially encoded paths could be used when pages/error.js was statically generated allowing an open redirect to occur to an external site. In general, this redirect does not directly ha...