EUVD-2024-33429

Malicious code in bioql PyPI...

CVE-2025-32198

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themefusecom Brizy brizy.This issue affects Brizy: from n/a through = 2.7.7...

CVE-2025-32198 WordPress Brizy plugin <= 2.6.14 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themefusecom Brizy. This issue affects Brizy: from n/a through 2.6.14...

WordPress plugin Brizy 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2024-43126

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Sender Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce allows Reflected XSS.This issue affects Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce...

CVE-2024-10520

The WP Project Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in the 'check' method of the 'CreateMilestone', 'CreateTaskList', 'CreateTask', and 'DeleteTask' classes in version 2.6.14. This makes it possible for unauthenticated...

CVE-2024-10520

The WP Project Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in the 'check' method of the 'CreateMilestone', 'CreateTaskList', 'CreateTask', and 'DeleteTask' classes in version 2.6.14. This makes it possible for unauthenticated...

PT-2024-16339 · WordPress · Wp Project Manager

Name of the Vulnerable Software and Affected Versions: WP Project Manager plugin for WordPress version 2.6.14 Description: The WP Project Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in the check method of the Create Milestone,...

WordPress plugin Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress plugin Sender - Newsletter,...

WordPress Mollie Forms Plugin <= 2.6.13 is vulnerable to Cross Site Request Forgery (CSRF)

Software Mollie Forms Type Plugin Vulnerable versions = 2.6.13 Fixed in 2.6.14 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-2368 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID be4c386416af Credits Lucio Sá Required...

PT-2024-11971 · Rancher · Rancher

Name of the Vulnerable Software and Affected Versions: Rancher versions prior to 2.6.14 Rancher versions prior to 2.7.10 Rancher versions prior to 2.8.2 Description: A vulnerability has been identified which may lead to sensitive data being leaked into Rancher's audit logs. The issue affects...

CVE-2023-20883

In Spring Boot versions 3.0.0 - 3.0.6, 2.7.0 - 2.7.11, 2.6.0 - 2.6.14, 2.5.0 - 2.5.14 and older unsupported versions, there is potential for a denial-of-service DoS attack if Spring MVC is used together with a reverse proxy cache...

ai.ylyue:yue-library-base (=j11.2.6.2), ai.ylyue:yue-library-data-es (=j11.2.6.2) +825 more potentially affected by CVE-2023-20873 via org.springframework.boot:spring-boot-actuator-autoconfigure (>=2.6.0 <=2.6.14)

org.springframework.boot:spring-boot-actuator-autoconfigure MAVEN version =2.6.0, =3.1.305, =3.1.305, =3.1.305, =3.1.305, =3.1.305, =3.1.305, =3.1.0, =1.1.2, =1.1.4 - cn.kduck:kduck-security =1.1.2 - cn.kduck:kduck-security-principal =1.1.2 and more Source cves: CVE-2023-20873 Source advisory:...

GSD-2023-1002404 net: USB: Fix wrong-direction WARNING in plusb.c

net: USB: Fix wrong-direction WARNING in plusb.c This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.232 by commit...

SUSE CVE-2005-3810

ipconntrackprotoicmp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service kernel oops via a message without ICMP ID ICMPID information, which leads to a null dereference...

GSD-2023-1000306 net: phy: fix null-ptr-deref while probe() failed

net: phy: fix null-ptr-deref while probe failed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.226 by commit...

Deserialization of Untrusted Data

Overview rubygems-update is an inbuilt rubygem for updating rubygems. Affected versions of this package are vulnerable to Deserialization of Untrusted Data when YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to...

The vulnerability of the Red Hat Enterprise Linux operating system, which allows a remote attacker to compromise the accessibility of protected information

The vulnerability of the openswan-2.6.14 package for the Red Hat Enterprise Linux operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited remotely...

CentOS Security Advisory CESA-2009:0402 (openswan)

The remote host is missing updates to openswan announced in advisory CESA-2009:0402. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

[SA17114] Linux Kernel Two Potential Denial of Service Vulnerabilities

TITLE: Linux Kernel Two Potential Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA17114 VERIFY ADVISORY: http://secunia.com/advisories/17114/ CRITICAL: Not critical IMPACT: DoS WHERE: Local system OPERATING SYSTEM: Linux Kernel 2.6.x http://secunia.com/product/2719/ DESCRIPTION: Two...