WordPress Nexi XPay plugin <= 8.3.0 - Missing Authorization to Unauthenticated Order Status Modification vulnerability

Missing Authorization to Unauthenticated Order Status Modification vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin Nexi XPay versions = 8.3.0...

CVE-2025-63743

Cross-Site Scripting vulnerability in the Snipe-IT web-based asset management system v8.3.0 to up and including v8.3.1 allows authenticated attacker with lowest privileges sufficient only to log in, to inject arbitrary JavaScript code via "Name" and "Surname" fields. The JavaScript code is execut...

Bio-Formats 代码问题漏洞

Bio-Formats is an Open Microscopy Environment open source Java library for reading and writing various microscopy imaging proprietary file formats. A code issue vulnerability exists in Bio-Formats 8.3.0 and prior versions that stems from an XML external entity vulnerability in the Leica...

Linux Distros Unpatched Vulnerability : CVE-2024-21000

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 8.0.36 and prior and...

fastify-multipart 安全漏洞

fastify-multipart is a software package that supports parsing multiple content types. A security vulnerability exists in fastify-multipart versions 8.3.0 and earlier and versions 9.0.0 through 9.0.3 and earlier, which stems from the saveRequestFiles function not deleting temporary files that have...

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

UBUNTU-CVE-2024-21160

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

UBUNTU-CVE-2024-20998

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

UBUNTU-CVE-2024-20994

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromis...

UBUNTU-CVE-2024-21062

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

curl security vulnerability

curl is a tool used to transfer data from or to a server. A security vulnerability exists in curl versions 7.9.1 through 8.3.0 that stems from the presence of a cookie injection vulnerability that allows an attacker to insert a cookie into a running program...

Adobe Substance 3D Painter Out-of-Bounds Read Vulnerability

Adobe Substance 3D Painter is a 3D texturing application from the American company Audobee Adobe. An out-of-bounds read vulnerability exists in Adobe Substance 3D Painter 8.3.0 and earlier versions, which can be exploited by an attacker to cause a sensitive memory disclosure...

Adobe Substance 3D Painter 缓冲区错误漏洞

Adobe Substance 3D Painter is a 3D texturing application from the American company Audobee Adobe. An out-of-bounds read vulnerability exists in Adobe Substance 3D Painter 8.3.0 and earlier versions, which can be exploited by an attacker to execute code in the current user's context...

Adobe Substance 3D Painter 缓冲区错误漏洞

Adobe Substance 3D Painter is a 3D texturing application from the American company Audobee Adobe. An out-of-bounds read vulnerability exists in Adobe Substance 3D Painter 8.3.0 and earlier versions, which can be exploited by an attacker to execute code in the current user's context...

PT-2022-4538 · General Electric · Inet +4

Name of the Vulnerable Software and Affected Versions: General Electric Renewable Energy iNET versions prior to 8.3.0 General Electric Renewable Energy iNET II versions prior to 8.3.0 General Electric Renewable Energy SD versions prior to 6.4.7 General Electric Renewable Energy TD220X versions...

Security Bulletin: Vulnerability in IBM Java SDK affects Rational Functional Tester (CVE-2016-5542)

Summary If a JAR file is signed with old, weak hash algorithms, the class files within it can be modified without the change being caught. This potentially enables attackers to inject malicious code into signed code from a trusted third party. Vulnerability Details CVEID: CVE-2016-5542 DESCRIPTIO...