OPENSUSE-SU-2026:10739-1 assimp-devel-6.0.5-2.1 on GA media

These are all security issues fixed in the assimp-devel-6.0.5-2.1 package on the GA media of openSUSE Tumbleweed...

CVE-2026-39864 Kamailio Auth: Processing Vulnerability For Additional Authenticated User Identity Checks

Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio formerly OpenSER and SER allows remote attackers to cause a denial of service process crash via a specially crafted SIP packet if a successful user...

CVE-2025-32222 WordPress Widget Logic <= 6.0.5 - Remote Code Execution (RCE) Vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Widgetlogic.org Widget Logic widget-logic allows Code Injection.This issue affects Widget Logic: from n/a through = 6.0.5...

CVE-2025-32222

CVE-2025-32222 affects WordPress Widget Logic plugin, with Code Injection allowing Remote Code Execution in Widget Logic

PT-2025-45190

Improper Control of Generation of Code 'Code Injection' vulnerability in Widgetlogic.org Widget Logic widget-logic allows Code Injection.This issue affects Widget Logic: from n/a through = 6.0.5...

EUVD-2025-24912

Malicious code in bioql PyPI...

EUVD-2022-15642

Malicious code in bioql PyPI...

CVE-2025-54729 WordPress Webba Booking Plugin <= 6.0.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Webba Appointment Booking Webba Booking webba-booking-lite allows Stored XSS.This issue affects Webba Booking: from n/a through = 6.0.5...

CVE-2025-54729 WordPress Webba Booking Plugin <= 6.0.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Webba Appointment Booking Webba Booking webba-booking-lite allows Stored XSS.This issue affects Webba Booking: from n/a through = 6.0.5...

CVE-2024-35228

Wagtail is an open source content management system built on Django. Due to an improperly applied permission check in the wagtail.contrib.settings module, a user with access to the Wagtail admin and knowledge of the URL of the edit view for a settings model can access and update that setting, eve...

WordPress plugin Contact Form 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

CVE-2025-32253

Missing Authorization vulnerability in ComMotion Course Booking System course-booking-system allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Course Booking System: from n/a through = 6.1...

PT-2025-15009 · Unknown · Commotion Course Booking System

Name of the Vulnerable Software and Affected Versions: ComMotion Course Booking System versions n/a through 6.0.5 Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by Access Control Lists ACLs. This means that...

RHSA-2025:0342 Red Hat Security Advisory: Red Hat JBoss Web Server 6.0.5 release and security update

Bulletin has no description...

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 6.0.5 release and security update

An update is now available for Red Hat JBoss Web Server 6.0 on Red Hat Enterprise Linux versions 8 and 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2025-22785 WordPress Course Booking System plugin <= 6.0.6 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ComMotion Course Booking System course-booking-system allows SQL Injection.This issue affects Course Booking System: from n/a through = 6.0.6...

WordPress plugin Course Booking System SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability...

Improper Handling of Insufficient Permissions in `wagtail.contrib.settings`

Impact Due to an improperly applied permission check in the wagtail.contrib.settings module, a user with access to the Wagtail admin and knowledge of the URL of the edit view for a settings model can access and update that setting, even when they have not been granted permission over the model. T...

EaseUS MobiMover Security Vulnerability

EaseUS MobiMover is an application from EaseUS for transferring iPhone data. A security vulnerability exists in EaseUS MobiMover version 6.0.5 Build 21620. An attacker can escalate privileges by exploiting the vulnerability...

Cross-Frame Scripting vulnerability has been found on Plone CMS

A Cross-Frame Scripting vulnerability has been found on Plone CMS affecting version below 6.0.5. An attacker could store a malicious URL to be opened by an administrator and execute a malicios iframe element...