17 matches found
CVE-2026-6675
The CVE entry maps to a concrete vulnerability in the WordPress Responsive Blocks plugin (versions ≤ 2.2.0). It describes an unauthenticated open email relay via the REST API 'email_to' parameter, enabling abuse of email delivery functions without login. The source does not provide exploit steps ...
FastAPI Admin 访问控制错误漏洞
FastAPI Admin is an open-source management dashboard based on FastAPI and TortoiseORM. Versions of FastAPI Admin 2.2.0 and earlier contained a access control vulnerability. This vulnerability stemmed from incorrect handling of the filepath parameter in the downloadcontroller function of the...
EUVD-2025-36997
Cross-Site Scripting XSS vulnerability in Checkmk's distributed monitoring allows a compromised remote site to inject malicious HTML code into service outputs in the central site. Affecting Checkmk before 2.4.0p14, 2.3.0p39, 2.2.0 and 2.1.0 eol...
WordPress plugin Flynax Bridge 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Clever Addons for Elementor plugin <= 2.2.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Michael Patchstack Alliance in WordPress Plugin Clever Addons for Elementor versions = 2.2.0...
WordPress plugin Schema App Structured Data Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
DEBIAN-CVE-2022-48682
In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a symlink...
PT-2024-23433 · Vsourz Digital · Vsourz Digital All In One Redirection
Name of the Vulnerable Software and Affected Versions: Vsourz Digital All In One Redirection versions 2.2.0 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS. This means that an attacker c...
PT-2024-23130 · Unknown · Camille Verrier Travelers' Map
Name of the Vulnerable Software and Affected Versions: Camille Verrier Travelers' Map versions 2.2.0 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting XSS. This means that an attacker can inje...
accuinsight (>=1.0.47 <=1.0.61), alphad3m (>=0.10.0 <=0.10.0.dev1) +88 more potentially affected by CVE-2021-29570 via tensorflow (>=2.2.0 <=2.2.2)
tensorflow PYPI version =2.2.0, =1.0.47, =0.10.0, =0.5.0, =0.2.0, =0.0.6, =1.2.0, =1.0.0, =0.0.15, =0.0.16 and more Source cves: CVE-2021-29570 Source advisory: OSV:GHSA-545V-42P7-98FQ...
Zephyr Input Validation Error Vulnerability (CNVD-2020-35964)
Zephyr is an open source, small, scalable real-time operating system from the Linux Foundation. An input validation error vulnerability exists in the Bluetooth subsystem in Zephyr versions 2.2.0 and later and 1.14.0 and later. An attacker can exploit this vulnerability by sending consecutive...
capreolus (>=0.1.0 <=0.1.1), django-basic-auth-ip-whitelist (=0.2.0) +18 more potentially affected by CVE-2020-7471 via django (>=2.2.0 <=2.2.1)
django PYPI version =2.2.0, =0.1.0, =0.0.1, =0.0.1, =0.0.1, =0.0.2, =0.0.16 - ibm-db-django =1.3.0.0 - irekua-database =0.1.0 and more Source cves: CVE-2020-7471 Source advisory: OSV:PYSEC-2020-35...
ai.grakn.kgms:client (=1.4.3), ai.grakn:client-java (>=1.4.1 <=1.4.3) +360 more potentially affected by CVE-2018-1334 via org.apache.spark:spark-core_2.11 (>=2.2.0 <=2.2.1)
org.apache.spark:spark-core2.11 MAVEN version =2.2.0, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.3 and more Source cves: CVE-2018-1334 Source advisory: OSV:GHSA-6MQQ-8R44-VMJC...
IBM Sterling File Gateway Information Disclosure Vulnerability (CNVD-2018-14094)
IBM Sterling File Gateway is a suite of file transfer software from IBM in the United States. The software integrates different centers of file transfer activity and facilitates the secure exchange of file-based data over the Internet. An information disclosure vulnerability exists in IBM Sterlin...
Wireshark Denial of Service Vulnerability (CNVD-2018-07439)
Wireshark formerly known as Ethereal is a set of network packet analysis software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis.IEEE 802.15.4 parser is one of the IEEE 802.15.4 standard parser. A security...
Wireshark Integer Overflow Vulnerability
Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. An integer overflow vulnerability exists in Wireshark versions 2.2.0 through 2.2.3 and...
GNOME's Eye Of Gnome incorrect file name handling
Advisory ID Internal CORE-2003-0304-03 Bugtraq ID: 7121 CVE Name: CAN-2003-0165 CERT: VU363001 Title: GNOME's Eye Of Gnome incorrect file name handling Class: Input validation error Remotely Exploitable: No Locally Exploitable: Yes Vendors contacted: Eye Of Gnome . CORE Notification: 2003-03-14...