CVE-2025-14042

The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Project Details' custom field in Portfolio Items in all versions up to, and including, 13.4.1. This is due to insufficient input sanitization and output escaping on...

CVE-2025-14040

The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Call to Action' custom fields in all versions up to, and including, 13.4. This is due to insufficient input sanitization and output escaping on user-supplied attributes in th...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization due to inconsistent checks in the backend routing. An attacker can gain unauthorized access to backend AJAX routes by directly invoking them without proper permissions. Note: Additional fixed versions are available...

WordPress Image horizontal reel scroll slideshow plugin <= 13.4 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by UKO Patchstack Alliance in WordPress Plugin Image horizontal reel scroll slideshow versions = 13.4...

PT-2023-23750 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.4 Description: A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue allows an app to bypass Privacy preferences. Recommendations: For versions prior to 13.4, update ...

Apple macOS Ventura 安全漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.4, which originates from an unauthenticated user who may be able to access recently printed documents...

Apple macOS Ventura 资源管理错误漏洞

Apple macOS Ventura is a desktop operating system by Apple Inc. A resource management error vulnerability exists in Apple macOS Ventura version 13.4, which originates from an application that may be able to execute arbitrary code using kernel privileges...

Apple macOS Ventura 安全漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.4, which stems from an application that may be able to bypass privacy preferences...

Apple macOS Ventura 安全漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.4, which stems from an application that may be able to modify protected portions of the file system...

Apple macOS Ventura 安全漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.4, which stems from an application that may be able to bypass privacy preferences...

Apple macOS Ventura 安全漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.4, which stems from an application that may be able to read sensitive location information...

Apple macOS Ventura 安全漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.4, which stems from an application that may be able to bypass privacy preferences...

Apple macOS Ventura 安全漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.4, which stems from an application that may be able to modify protected portions of the file system...

Apple macOS Ventura 安全漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.4, which stems from an application that may be able to bypass privacy preferences...

UBUNTU-CVE-2021-39902

Incorrect Authorization in GitLab CE/EE 13.4 or above allows a user with guest membership in a project to modify the severity of an incident...

PT-2021-22749 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.4 and above Description: The issue allows a user with guest membership in a project to modify the severity of an incident due to incorrect authorization. Recommendations: For GitLab CE/EE versions 13.4 and above, upda...

CVE-2021-2053

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: UI Framework. The supported version that is affected is 13.4.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Ba...

PT-2020-13487 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.2.10 GitLab versions prior to 13.3.7 GitLab versions prior to 13.4.2 Description: Membership changes are not reflected in ToDo subscriptions, allowing guest users to access confidential issues through the API...

Unspecified Vulnerability in Apple iOS and iPadOS Web App Component

Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in the Web App component of Apple iOS before 13.4 and iPadOS before 13.4. An...

TIBCO Statistica Server TIBCO Statistica Component Cross-Site Scripting Vulnerability

TIBCO Statistica Server is a suite of job servers from TIBCO Software that provides a governance framework for shared workspaces and reusable templates.Statistica is one of the components... A cross-site scripting vulnerability exists in the web application of the TIBCO Statistica component in...