CVE-2025-66070 WordPress wpForo Forum plugin <= 2.4.10 - Broken Access Control vulnerability

Missing Authorization vulnerability in Tomdever wpForo Forum wpforo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpForo Forum: from n/a through = 2.4.10...

CVE-2025-66070 WordPress wpForo Forum plugin <= 2.4.10 - Broken Access Control vulnerability

Missing Authorization vulnerability in Tomdever wpForo Forum wpforo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpForo Forum: from n/a through = 2.4.10...

PT-2025-52194

Missing Authorization vulnerability in Tomdever wpForo Forum wpforo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpForo Forum: from n/a through = 2.4.10...

WordPress plugin wpForo Forum 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

EUVD-2021-1335

Malware in sbrugna...

EUVD-2025-18829

Malicious code in bioql PyPI...

EUVD-2022-1421

Malicious code in bioql PyPI...

Sangfor aTrust 安全漏洞

Sangfor aTrust is a zero-trust access control system from China-based Sangfor. A security vulnerability exists in Sangfor aTrust version 2.4.10 and earlier, which originates from allowing a user to modify the ExecStartPre command...

Improper Neutralization of Special Elements Used in a Template Engine

Overview nautobot is a Source of truth and network automation platform. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine due to the misconfiguration of the Jinja2 templating feature. An attacker can expose secret values and...

CVE-2025-49142 Nautobot vulnerable to secrets exposure and data manipulation through Jinja2 templating

Nautobot is a Network Source of Truth and Network Automation Platform. All users of Nautobot versions prior to 2.4.10 or prior to 1.6.32 are potentially affected. Due to insufficient security configuration of the Jinja2 templating feature used in computed fields, custom links, etc. in Nautobot, a...

Nautobot 安全漏洞

Nautobot is a web automation platform by the individual developers of Nautobot. A security vulnerability exists in Nautobot versions prior to 2.4.10 and prior to 1.6.32, which stems from a misconfigured Jinja2 template that could lead to data leakage or tampering...

CVE-2021-24660

The PostX – Gutenberg Blocks for Post Grid WordPress plugin before 2.4.10, with Saved Templates Addon enabled, allows users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks via the plugin's shortcode...

CVE-2021-32823

In the bindata RubyGem before version 2.4.10 there is a potential denial-of-service vulnerability. In affected versions it is very slow for certain classes in BinData to be created. For example BinData::Bit100000, BinData::Bit100001, BinData::Bit100002, BinData::Bit. In combination with...

CVE-2025-30884

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Bit Apps Bit Integrations bit-integrations allows Phishing.This issue affects Bit Integrations: from n/a through = 2.4.10...

WordPress Bit Integrations plugin <= 2.4.10 - Open Redirection vulnerability

Open Redirection vulnerability discovered by Le Ngoc Anh in WordPress Plugin Bit Integrations versions = 2.4.10...

CVE-2023-32324 affecting package cups for versions less than 2.4.10-1

CVE-2023-32324 affecting package cups for versions less than 2.4.10-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-4504 affecting package cups for versions less than 2.4.10-1

CVE-2023-4504 affecting package cups for versions less than 2.4.10-1. An upgraded version of the package is available that resolves this issue...

WordPress plugin Woody ad snippets cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

Open5GS 访问控制错误漏洞

Open5GS is an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. An Access Control Error vulnerability exists in Open5GS version 2.4.10 and earlier, which stems from a lack of authentication, and can be exploited by an attacker to send an HTTP request to a...

Pouch has a container escape vulnerability

Pouch is a lightweight container technology that helps Ali deliver internal business faster while improving the utilization of physical resources in hyperscale data centers. Pouch has a container escape vulnerability that can be exploited by an attacker to write arbitrary files on the container's...