717 matches found
CVE-2025-30436
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.4 and iPadOS 18.4. An attacker may be able to use Siri to enable Auto-Answer Calls...
CVE-2025-30436
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.4 and iPadOS 18.4. An attacker may be able to use Siri to enable Auto-Answer Calls...
CVE-2025-30436
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.4 and iPadOS 18.4. An attacker may be able to use Siri to enable Auto-Answer Calls...
CVE-2025-30436
CVE-2025-30436 (Apple iOS/iPadOS) : On a locked device, an attacker may exploit Siri to enable Auto-Answer Calls due to insufficient restriction of options. The issue is fixed in iOS 18.4 and iPadOS 18.4. Affected user devices should update to 18.4 or later to remediate. The published description...
PT-2025-20750 · Apple · Ios +1
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.4 iPadOS versions prior to 18.4 Description: An issue allows an attacker to potentially use Siri to enable Auto-Answer Calls. This could be exploited on a locked device. The estimated number of potentially affected...
Enhancing Security and Strengthening Defenses in Automated Short-Answer Grading Systems
This study examines vulnerabilities in transformer-based automated short-answer grading systems used in medical education, with a focus on how these systems can be manipulated through adversarial gaming strategies. Our research identifies three main types of gaming strategies that exploit the...
CVE-2025-32647
Deserialization of Untrusted Data vulnerability in PickPlugins Question Answer question-answer allows Object Injection.This issue affects Question Answer: from n/a through = 1.2.73...
CVE-2025-32646
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Question Answer question-answer allows Reflected XSS.This issue affects Question Answer: from n/a through = 1.2.70...
CVE-2025-32647
Deserialization of Untrusted Data vulnerability in PickPlugins Question Answer question-answer allows Object Injection.This issue affects Question Answer: from n/a through = 1.2.73...
CVE-2025-32646
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Question Answer question-answer allows Reflected XSS.This issue affects Question Answer: from n/a through = 1.2.70...
CVE-2025-32647
CVE-2025-32647 is a PHP object-injection deserialization vulnerability in the WordPress PickPlugins Question Answer plugin. Affected software: Question Answer (WordPress) versions up to 1.2.70 (Wordfence/Red Hat entries). Several sources indicate a patched fix exists in version 1.2.73 (Patchstack...
CVE-2025-32646
CVE-2025-32646 corresponds to a WordPress WordPress Plugin Issue: Question Answer
CVE-2025-32646 WordPress Question Answer plugin <= 1.2.70 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Question Answer question-answer allows Reflected XSS.This issue affects Question Answer: from n/a through = 1.2.70...
WordPress plugin Question Answer 代码问题漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...
PT-2025-17153
Name of the Vulnerable Software and Affected Versions PickPlugins Question Answer versions 1.2.70 and earlier Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables potential attacke...
WordPress plugin Question Answer 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...
Apache Answer Information Disclosure Vulnerability
Apache Answer is a community platform of the Apache USA Foundation. An information disclosure vulnerability exists in Apache Answer 1.4.2 and earlier versions, which stems from a public method returning a private data structure, and can be exploited by an attacker to cause IP address disclosure...
SUSE CVE-2025-29868
Private Data Structure Returned From A Public Method vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.2. If a user uses an externally referenced image, when a user accesses this image, the provider of the image may obtain private information about the ip address of th...
CVE-2025-31810
Missing Authorization vulnerability in PickPlugins Question Answer question-answer allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Question Answer: from n/a through = 1.2.73...
CVE-2025-29868
Private Data Structure Returned From A Public Method vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.2. If a user uses an externally referenced image, when a user accesses this image, the provider of the image may obtain private information about the ip address of th...