15 matches found
Astra Linux - vulnerability in unbound
Unbound versions 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can lead to the execution of shell code after receiving a specially crafted answer. This issue can only be exploited if Unbound was compiled with the --enable-ipsecmod option, and ipsecmod is enabled and utilized...
WBCE CMS SQL injection vulnerability
WBCE CMS is an open source content management system (CMS) based on PHP and MySQL. A SQL injection vulnerability exists in WBCE CMS 1.6.4 and earlier versions, which stems from improper handling of the groups parameter and can lead to SQL injection attacks...
EUVD-2025-26048
Malicious code in bioql PyPI...
CVE-2025-58259
Cross-Site Request Forgery (CSRF) vulnerability in scriptsbundle Nokri nokri allows Cross Site Request Forgery. This issue affects Nokri: from n/a through <= 1.6.4...
WordPress Product Time Countdown for WooCommerce plugin <= 1.6.5 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by Nabil Irawan in WordPress Plugin Product Time Countdown for WooCommerce versions <= 1.6.5...
WordPress Table Editor plugin <= 1.6.4 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by Nguyen Xuan Chien (Patchstack Alliance) in WordPress Plugin Table Editor versions <= 1.6.4...
FORT Validator security vulnerability
FORT Validator is an open source RPKI relying party and RTR server from NICMx. A security vulnerability exists in FORT Validator versions 1.6.3 and 1.6.4, which stems from the presence of an integer underflow issue...
PT-2024-35847 · Unknown · Cool Plugins Cryptocurrency Widgets For Elementor
Name of the Vulnerable Software and Affected Versions: Cool Plugins Cryptocurrency Widgets For Elementor versions 1.6.4 and earlier. Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which...
PT-2024-30509 · Elementor · Ultimate Store Kit Elementor Addons
Name of the Vulnerable Software and Affected Versions: Ultimate Store Kit Elementor Addons versions 1.6.4 and earlier. Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS), which allows Stored XSS. This means that ...
WordPress plugin XPlainer security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...
Ree6 SQL injection vulnerability
Ree6 is an open source all-in-one Discord bot maintained by Presti. Ree6 1.6.4 and earlier versions suffer from a SQL injection vulnerability that can be exploited by attackers to manipulate SQL queries...
CVE-2021-27400
HashiCorp Vault and Vault Enterprise Cassandra integrations (storage backend and database secrets engine plugin) did not validate TLS certificates when connecting to Cassandra clusters. Fixed in 1.6.4 and 1.7.1...
PT-2021-17439 · Hashicorp +1 · Hashicorp Vault +2
Name of the Vulnerable Software and Affected Versions: HashiCorp Vault and Vault Enterprise versions prior to 1.6.4; HashiCorp Vault and Vault Enterprise versions prior to 1.7.1. Description: The issue concerns the failure to validate TLS certificates when connecting to Cassandra clusters, affectin...
CVE-2020-13627
Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5,...
GitHub Electron URL Spoofing Vulnerability
GitHub Electron is an application development framework from the American company GitHub. The framework supports writing cross-platform desktop applications using JavaScript, HTML and CSS. A security vulnerability exists in GitHub Electron versions 1.6.4 through 1.6.11 and 1.7.0 through 1.7.5. An...