95 matches found
CVE-2025-52862 QTS, QuTS hero
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-52429 QTS, QuTS hero
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
PT-2025-40580
Name of the Vulnerable Software and Affected Versions QNAP versions prior to QTS 5.2.6.3195 build 20250715 QNAP versions prior to QuTS hero h5.2.6.3195 build 20250715 Description A flaw exists where a remote attacker, having obtained administrator privileges, can trigger a denial-of-service DoS...
Files or Directories Accessible to External Parties
Overview Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties due to improper restriction of file read. An attacker can obtain sensitive information by sending crafted requests to exposed resources. Note: This is only exploitable if the attacker...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF. An attacker can access internal resources, exfiltrate sensitive information, or perform unauthorized actions by sending crafted requests to internal or protected endpoints. Note: This is only exploitabl...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF. An attacker can access internal resources, exfiltrate sensitive information, or perform unauthorized actions by sending crafted requests to internal or protected endpoints. Note: This is only exploitabl...
Files or Directories Accessible to External Parties
Overview org.apache.kylin:kylin-core-common is a package part of Apache Kylin. Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties due to improper restriction of file read. An attacker can obtain sensitive information by sending crafted requests...
Files or Directories Accessible to External Parties
Overview Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties due to improper restriction of file read. An attacker can obtain sensitive information by sending crafted requests to exposed resources. Note: This is only exploitable if the attacker...
CVE-2025-57871
There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the browser...
CVE-2025-10002
The ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin for WordPress is vulnerable to SQL Injection via the exportcsv function in all versions up to, and including, 2.5.0 due to insufficient escaping on the user supplied parameter and lack of...
CVE-2025-9346
The Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via settings in all versions up to, and including, 10.14.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and...
CVE-2025-8678
The WP Crontrol plugin for WordPress is vulnerable to blind Server-Side Request Forgery in versions 1.17.0 to 1.19.1 via the 'wpremoterequest' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations...
CVE-2025-8081
The Elementor plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.30.2 via the ImportImages::import function due to insufficient controls on the filename specified. This makes it possible for authenticated attackers, with administrator-level access an...
PT-2025-29910 · Mailcow · Mailcow
Name of the Vulnerable Software and Affected Versions: mailcow: dockerized versions prior to 2025-07 Description: A Server-Side Template Injection SSTI vulnerability exists in the notification template system used for sending quota and quarantine alerts. The template rendering engine allows...
CVE-2025-4102
The Beaver Builder Plugin Starter Version plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'saveenabledicons' function in all versions up to, and including, 2.9.1. This makes it possible for authenticated attackers, with Administrator-level...
CVE-2025-5939 Telegram for WP <= 1.6.1 - Authenticated (Admin+) Stored Cross-Site Scripting
The Telegram for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions...
CVE-2019-19699
There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed by root at 22:30 every day. T...
CVE-2018-11774
Apache VCL versions 2.1 through 2.5 do not properly validate form input when adding and removing VMs to and from hosts. The form data is then used in SQL statements. This allows for an SQL injection attack. Access to this portion of a VCL system requires admin level rights. Other layers of securi...
CVE-2024-12510 LDAP Authentication Sever Pass-back attack
If LDAP settings are accessed, authentication could be redirected to another server, potentially exposing credentials. This requires admin access and an active LDAP setup...
CVE-2024-9582
The Accordion Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘html’ attribute of an accordion slider in all versions up to, and including, 1.9.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...