26 matches found
CVE-2025-63062
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AndonDesign UDesign Core u-design-core allows PHP Local File Inclusion.This issue affects UDesign Core: from n/a through = 4.14.0...
CVE-2025-63062 WordPress UDesign Core plugin <= 4.14.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AndonDesign UDesign Core u-design-core allows PHP Local File Inclusion.This issue affects UDesign Core: from n/a through = 4.14.0...
CVE-2025-53236
Missing Authorization vulnerability in AndonDesign UDesign Core u-design-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UDesign Core: from n/a through = 4.14.0...
CVE-2025-53236
Missing Authorization vulnerability in AndonDesign UDesign Core u-design-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UDesign Core: from n/a through = 4.14.0...
PT-2025-43253
Name of the Vulnerable Software and Affected Versions AndonDesign UDesign Core versions through 4.14.0 Description An issue exists in AndonDesign UDesign Core u-design-core related to incorrectly configured access control security levels, allowing for missing authorization. The issue allows...
PT-2025-43252
Name of the Vulnerable Software and Affected Versions AndonDesign UDesign Core versions through 4.14.0 Description A Reflected Cross-site Scripting XSS issue exists in AndonDesign UDesign Core u-design-core. This occurs due to improper neutralization of input during web page generation. The issue...
EUVD-2019-15199
Malware in sbrugna...
EUVD-2023-58695
Malicious code in bioql PyPI...
EUVD-2025-4566
Malicious code in bioql PyPI...
EUVD-2023-0238
Malicious code in bioql PyPI...
WordPress UDesign Core plugin <= 4.14.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin UDesign Core versions = 4.14.0...
CVE-2024-10315
In Gliffy Online an insecure configuration was discovered in versions before 4.14.0-6. Reported by Alpha Inferno PVT LTD...
CVE-2023-6461
Cross-site Scripting XSS - Reflected in GitHub repository viliusle/minipaint prior to 4.14.0...
CVE-2024-10315
In Gliffy Online an insecure configuration was discovered in versions before 4.14.0-6. Reported by Alpha Inferno PVT LTD...
CVE-2024-10315
CVE-2024-10315 concerns an insecure configuration in Gliffy Online. Multiple sources in the connected set confirm affected software as Gliffy Online with versions prior to 4.14.0-6. The root cause identified is an insecure configuration in these versions, as reported by Alpha Inferno PVT LTD. Acr...
CVE-2023-6461
Cross-site Scripting XSS - Reflected in GitHub repository viliusle/minipaint prior to 4.14.0...
PYSEC-2023-206
NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0...
Null pointer dereference
NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0...
json-io 缓冲区错误漏洞
json-io is a json, java conversion library from the individual developer John DeRegnaucourt. A security vulnerability exists in json-io version 4.14.0 and earlier, which stems from a vulnerability that allows an attacker to cause a denial of service through the use of objects with cyclic...
Atlassian Jira Service Management 4.14.0 < 4.20.6 Seraph Authentication Bypass
According to its self-reported version number, the Atlassian Jira Service Management application running on the remote host is version 4.14.0 prior to 4.20.6 or 4.21.0 prior to 4.22.6. It is, therefore, affected by a authentication bypass vulnerability in Jira Seraph which may allow remote,...