37 matches found
VulnCheck KEV: CVE-2024-11350
The AdForest theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.1.6. This is due to the plugin not properly validating a user's identity prior to updating their password through the adforestresetpassword function. This makes it...
VulnCheck KEV: CVE-2024-11349
The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.1.6. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the sbloginuserwithotpfun function. This makes it possible for unauthenticat...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004036)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004036 advisory. In the Linux kernel before 5.1.6, there is a use-after-free in cpia2exit in drivers/media/usb/cpia2/cpia2v4l.c that will cause denial of service, aka CID-dea37a97265...
EUVD-2019-4451
Malware in sbrugna...
EUVD-2016-7462
Malware in sbrugna...
EUVD-2025-26230
Malicious code in bioql PyPI...
CVE-2025-52861
A path traversal vulnerability has been reported to affect VioStor. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: VioStor 5.1.6...
CVE-2025-52861
CVE-2025-52861 is a path-traversal vulnerability affecting QNAP VioStor. A remote attacker with an administrator account could read unexpected files or system data. The issue has been fixed in VioStor version 5.1.6 build 20250621 and later. Available connected sources consistently describe the vu...
CVE-2025-52856 VioStor
An improper authentication vulnerability has been reported to affect VioStor. If a remote attacker, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version: VioStor 5.1.6 build 20250621 and later...
CVE-2025-52856
The CVE-2025-52856 vulnerability affects QNAP VioStor. Description confirms an improper authentication flaw that could allow a remote attacker to compromise the system. The issue is addressed in VioStor 5.1.6 build 20250621 and later, which GPT notes as the fixed version. Connected sources consis...
PT-2025-35294
Name of the Vulnerable Software and Affected Versions: VioStor versions prior to 5.1.6 build 20250621 Description: A path traversal vulnerability exists in VioStor. A remote attacker gaining administrator access can potentially read the contents of unexpected files or system data. Recommendations...
CVE-2022-46855
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WP Darko Responsive Pricing Table plugin = 5.1.6 versions...
CVE-2019-12872
dotCMS before 5.1.6 is vulnerable to a SQL injection that can be exploited by an attacker of the role Publisher via viewunpushedbundles.jsp...
CVE-2025-30836
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LatePoint LatePoint latepoint allows Stored XSS.This issue affects LatePoint: from n/a through = 5.1.6...
WordPress plugin Shortcodes by United Themes 代ē ę³Øå „ę¼ę“
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A code injection vulnerability exists in WordPress plugin...
CVE-2025-30836
CVE-2025-30836 is a Stored XSS in LatePoint (Calendar Booking Plugin). Connected documents confirm the issue affects LatePoint versions up to 5.1.6 and that patches exist (Patched) in later releases. The CVSSā3.1 base score is 6.5 (Network, L/R/C/L). No exploits are documented in the provided sou...
PT-2025-1642 Ā· WordPress Ā· Adforest
Name of the Vulnerable Software and Affected Versions: AdForest theme for WordPress versions up to and including 5.1.6 Description: The issue arises from the plugin not properly validating a user's identity before updating their password through the adforest reset password function. This allows...
WordPress AdForest plugin <= 5.1.6 - Authentication Bypass vulnerability
Authentication Bypass vulnerability discovered by Tonn in WordPress Theme AdForest versions = 5.1.6...
PT-2024-37761 Ā· Unknown Ā· Filecatalyst Workflow
Name of the Vulnerable Software and Affected Versions: FileCatalyst Workflow versions 5.1.6 and earlier Description: A vulnerability exists in FileCatalyst Workflow whereby a field accessible to the super admin can be used to perform an SQL injection attack, which can lead to a loss of...
CVE-2024-7272
A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5. This affects the function fillaudiodata of the file /libswresample/swresample.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. This issue was fixed in versio...