43 matches found
WordPress Plugin Grand Portfolio Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2025-13459
CVE-2025-13459 affects IBM Aspera Console versions 3.3.0–3.4.8. Affected component is the console server; root cause is improper enforcement of behavioral workflow, enabling a privileged user to trigger a denial of service. The IBM bulletin cites a remediation upgrade to version 3.4.9 (Windows an...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: openssl (UTSA-2026-005350)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005350 advisory. Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex function. Impact summary: A NULL pointer...
ALPINE-CVE-2025-68160
Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading ...
CVE-2026-22393
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Curly curly allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Curly: from n/a through = 3.3...
CVE-2025-64181
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.5 and 3.4.0 through 3.4.2, while fuzzing openexr_exrcheck_fuzzer, Valgrind reports a conditional branch depending on...
EUVD-2022-3970
Malicious code in bioql PyPI...
EUVD-2023-28450
Malicious code in bioql PyPI...
EUVD-2022-4977
Malicious code in bioql PyPI...
CVE-2025-30034
CVE-2025-30034 affects Siemens SIMATIC RTLS Locating Manager (all versions
CVE-2025-25135
CVE-2025-25135 : WordPress plugin “Custom Links On Admin Dashboard Toolbar” (
WordPress plugin A/B Image Optimizer Path Traversal Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL. A WordPress plugin is an application plugin. A path traversa...
CVE-2025-24744
CVE-2025-24744 corresponds to a Missing Authorization (Broken Access) vulnerability in WordPress Bridge Core. The CVE note and Red Hat/Wordfence-related entries consistently describe it as affecting Bridge Core versions up to 3.3. The connected sources confirm the issue is a Missing Authorization...
PT-2025-5556 · Unknown · Notfound Bridge Core
Name of the Vulnerable Software and Affected Versions: NotFound Bridge Core versions n/a through 3.3 Description: The issue is related to a Missing Authorization vulnerability in NotFound Bridge Core. This vulnerability affects the authorization process, potentially allowing unauthorized access...
PT-2025-2496 · Skt Themes · Skt Themes Posterity
Name of the Vulnerable Software and Affected Versions: SKT Themes Posterity versions 3.3 and earlier Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This can be achieved by tricking the user...
XWiki Platform Security Vulnerability
XWiki Platform is the XWiki open source suite of Wiki platforms for creating web collaboration applications. A security vulnerability exists in XWiki Platform versions 3.3-milestone-1 through 16.3.0, which stems from the fact that on an instance with the Extension Repository Application installed...
WordPress plugin Advanced Sermons Cross-Site Scripting Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. A WordPress plugin is an application plugin. A cross-site scripting vulnerabili...
BlackBerry CylanceOPTICS Security Vulnerability
BlackBerry CylanceOPTICS is a cloud-enabled Endpoint Detection and Response (EDR) solution from BlackBerry Canada. A security vulnerability exists in BlackBerry CylanceOPTICS versions 3.2 and 3.3, which stems from a tampering vulnerability in the installer package that allows an attacker to uninsta...
PT-2024-26381 · Cylance · Cylanceoptics
Name of the Vulnerable Software and Affected Versions: CylanceOPTICS for Windows versions 3.2 and 3.3 Description: A tampering vulnerability in the CylanceOPTICS Windows Installer Package could allow an attacker to potentially uninstall CylanceOPTICS from a system, thereby leaving it with only th...
CVE-2024-34800
Missing Authorization vulnerability in Crafthemes Crafthemes Demo Import crafthemes-demo-import allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crafthemes Demo Import: from n/a through = 3.3...