19 matches found
PT-2026-35900
Server-Side Request Forgery (SSRF) vulnerability in ILLID Share This Image (share-this-image) allows Server Side Request Forgery. This issue affects Share This Image: from n/a through = 2.14...
PT-2025-51054
The Login Lockdown & Protection plugin for WordPress is vulnerable to IP Block Bypass in all versions up to, and including, 2.14. This is due to $unblock_key key being insufficiently random allowing unauthenticated users, with access to an administrative user email, to generate valid unblock keys...
EUVD-2002-0801
Malware in sbrugna...
EUVD-2025-9833
Malicious code in bioql PyPI...
libxml2 Security Vulnerability
libxml2 is a GNOME open source library for parsing XML documents. It is written in C and can be called by many languages, such as C, C++, and XSH. A security vulnerability exists in libxml2 versions prior to 2.13.8 and 2.14.x through 2.14.2, which stems from an out-of-bounds memory access due to ...
CVE-2025-32188
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ILLID Advanced Woo Labels (advanced-woo-labels) allows Stored XSS. This issue affects Advanced Woo Labels: from n/a through = 2.15...
The OpenSearch reporting plugin improperly controls tenancy access to reporting resources
Summary: An issue in the OpenSearch reporting plugin allows unintended access to private tenant resources like notebooks. The system did not properly check if the user was the resource author when accessing resources in a private tenant, leading to potential data being revealed. Impact: The lack of...
OpenSearch Dashboards Reports Security Vulnerability
OpenSearch Dashboards Reports is an OpenSearch open source application. It is used to export and automate PNG, PDF and CSV reports in OpenSearch Dashboard. A security vulnerability exists in OpenSearch Dashboards Reports prior to version 2.14, which stems from the system not properly checking if ...
F5 Networks BIG-IP : glibc vulnerability (K49921213)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K49921213 advisory. - A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was...
WordPress Plugin BestWebSoft Twitter Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forger...
FIN8 Resurfaces with Revamped Backdoor Malware
The FIN8 cyberattack group has resurfaced after a period of relative quiet, researchers have found. The gang is using new versions of the BadHatch backdoor to compromise companies in the chemical, insurance, retail and technology industries. The attacks have been seen hitting organizations around...
Design/Logic Flaw
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially...
PT-2019-11753 · Jenkins · Jenkins Pipeline: Shared Groovy Libraries Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline: Shared Groovy Libraries Plugin versions 2.14 and earlier Description: A missing permission check in the plugin allowed users with Overall/Read access to obtain limited information about the content of SCM repositories...
Mozilla SeaMonkey Multiple Vulnerabilities-02 November12 (Mac OS X)
This host is installed with Mozilla Seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaseamonkeymultvuln02nov12macosx.nasl 6074 2017-05-05 09:03:14Z teissa $ Mozilla SeaMonkey Multiple Vulnerabilities-02 November12 Mac OS X Authors: Arun Kallavi Copyright...
Mozilla SeaMonkey Multiple Vulnerabilities-01 November12 (Mac OS X)
This host is installed with Mozilla Seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaseamonkeymultvuln01nov12macosx.nasl 6093 2017-05-10 09:03:18Z teissa $ Mozilla SeaMonkey Multiple Vulnerabilities-01 November12 Mac OS X Authors: Arun Kallavi Copyright...
Mozilla SeaMonkey Multiple Vulnerabilities-01 (Nov 2012) - Windows
Mozilla Seamonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CMS Builder 2.14 Cross Site Scripting
CMS Builder vendor: http://www.interactivetools.com/ Version: CMS Builder 2.14 Author: Karthik R 3psil0nLambDa Email: [email protected] My blog: www.epsilonlambda.wordpress.com Google dork: Website powered by CMS Builder...
Design/Logic Flaw
Bugzilla 2.14 through 2.22.7; 3.0.x, 3.1.x, and 3.2.x before 3.2.10; 3.4.x before 3.4.10; 3.6.x before 3.6.4; and 4.0.x before 4.0rc2 does not properly generate random values for cookies and tokens, which allows remote attackers to obtain access to arbitrary accounts via unspecified vectors,...
CVE-2001-1405
Bugzilla before 2.14 allows local users to cause a denial of service by flooding sanitycheck.cgi due to lack of access restriction. Affected component: sanitycheck.cgi in Bugzilla; root cause: insufficient access control. Impact: CPU consumption leading to partial availability loss. Exploit detai...