45 matches found
Keras Code Issue Vulnerability
Keras is an open-source deep learning framework with multiple backends. Version 3.13.0 of Keras contains a code vulnerability that stems from the TFSLayer class’s unconditional loading of external SavedModels, which may lead to arbitrary code execution...
CVE-2025-13985
Incorrect Authorization vulnerability in Drupal Entity Share allows Forceful Browsing. This issue affects Entity Share: from 0.0.0 before 3.13.0...
CVE-2022-42154
An arbitrary file upload vulnerability in the component /apiadmin/upload/attach of 74cmsSE v3.13.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2025-66060
Missing Authorization vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Seriously Simple Podcasting: from n/a through <= 3.13.0...
CVE-2025-66061
Cross-Site Request Forgery (CSRF) vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Cross Site Request Forgery. This issue affects Seriously Simple Podcasting: from n/a through <= 3.13.0...
CVE-2025-66059
CVE-2025-66059 affects WordPress plugin Seriously Simple Podcasting (<= 3.13.0). The vulnerability is an unauthenticated information disclosure that allows retrieval of embedded sensitive data, as indicated by the CVSS 3.1 vector (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N) with a base score of 5.3. ...
CVE-2025-66061 WordPress Seriously Simple Podcasting plugin <= 3.13.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Cross Site Request Forgery. This issue affects Seriously Simple Podcasting: from n/a through <= 3.13.0...
CVE-2025-66060
CVE-2025-66060 affects WordPress plugin Seriously Simple Podcasting (versions up to and including 3.13.0). The Red Hat/NVD/CVE ecosystem entries describe a Missing Authorization/Broken Access Control vulnerability that could allow unauthorized access due to incorrectly configured access control s...
EUVD-2025-198481
Missing Authorization vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Seriously Simple Podcasting: from n/a through <= 3.13.0...
PT-2025-47734
Name of the Vulnerable Software and Affected Versions: Seriously Simple Podcasting versions through 3.13.0. Description: A flaw exists in Craig Hewitt’s Seriously Simple Podcasting that allows the retrieval of embedded sensitive data. This issue potentially exposes sensitive system information to an...
WordPress plugin Seriously Simple Podcasting Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plug-in. A security...
PT-2025-47735
Name of the Vulnerable Software and Affected Versions: Seriously Simple Podcasting versions through 3.13.0. Description: An authorization issue exists in Craig Hewitt’s Seriously Simple Podcasting. The issue involves incorrectly configured access control security levels, potentially allowing...
WordPress plugin Seriously Simple Podcasting Security Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server. WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Seriously Simple...
CVE-2025-64706
Typebot is an open-source chatbot builder. In version 3.9.0 up to but excluding version 3.13.0, an Insecure Direct Object Reference (IDOR) vulnerability exists in the API token management endpoint. An authenticated attacker can delete any user's API token and retrieve its value by simply knowing th...
CVE-2025-64706
Typebot (open-source chatbot builder) contains an IDOR vulnerability in the API token management endpoint affecting versions 3.9.0 through 3.12.9 (up to but excluding 3.13.0). An authenticated attacker can delete any user’s API token and retrieve its value by knowing the target user ID and token ...
WordPress Seriously Simple Podcasting plugin <= 3.13.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by daroo in WordPress Plugin Seriously Simple Podcasting versions <= 3.13.0...
CVE-2025-64343
conda Constructor is a tool that enables users to create installers for conda package collections. In versions 3.12.2 and below, the installation directory inherits permissions from its parent directory. Outside of restricted directories, the permissions are very permissive and often allow write...
CVE-2025-64343
CVE-2025-64343 affects the conda Constructor tool. In versions 3.12.2 and earlier, the installation directory inherits permissions from its parent, and outside restricted directories those permissions can permit write access by authenticated users. Any logged-in user could modify during installat...