Astra Linux - уязвимость в qt4-x11, qtbase-opensource-src

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion...

CVE-2025-0147

Type confusion in the Zoom Workplace App for Linux before 6.2.10 may allow an authorized user to conduct an escalation of privilege via network access...

Zoom Workplace Desktop App < 6.2.10 Privilege Escalation (ZSB-25006)

The version of Zoom Workplace Desktop App installed on the remote host is prior to 6.2.10. It is, therefore, affected by a vulnerability as referenced in the ZSB-25006 advisory. - Type confusion in the Zoom Workplace App for Linux before 6.2.10 may allow an authorized user to conduct an escalatio...

WordPress plugin Advanced Custom Fields PRO Code Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability previously...

privilege escalation bug to edit survey

BUG ======== normal user can edit any survey AFFTED VERSION ============ 6.2.10 SUMMRUY ========== normal user has view permiision in survey . But still that user can edit the survey by adding that survey to his own group . STEP TO REPRODUCE ================= 1. There is already a superadminuser-...

DedeBIZ Cross-Site Scripting Vulnerability

DedeBIZ is a content management system from China Muyun Intelligent Technology DedeBIZ company. A cross-site scripting vulnerability exists in DedeBIZ version 6.2.10, which stems from the Article Handler component can lead to cross-site scripting vulnerability. No detailed vulnerability details a...

DedeBIZ 跨站脚本漏洞

DedeBIZ is a content management system from China Muyun Intelligent Technology DedeBIZ company. A cross-site scripting vulnerability exists in DedeBIZ version 6.2.10, which stems from the Article Handler component can lead to cross-site scripting vulnerability. No detailed vulnerability details a...

CVE-2023-28410

Improper restriction of operations within the bounds of a memory buffer in some IntelR i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access...

Splunk Enterprise Multiple OpenSSL Vulnerabilities (SP-CAAAPQM)

Splunk Enterprise is prone to multiple OpenSSL vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:splunk:splunk"; i...