361255 matches found
CVE-2025-69103
Subscriber Arbitrary Content Deletion in Brikk = 3.0.0 versions...
CVE-2025-60218
Subscriber Arbitrary File Upload in PT Luxa Addons = 1.2.2 versions...
CVE-2025-60223
Subscriber Arbitrary File Deletion in WPBot Pro Wordpress Chatbot = 13.6.5 versions...
CVE-2025-49403
Unauthenticated Arbitrary File Download in Premium Age Verification / Restriction for WordPress = 3.0.2 versions...
CVE-2024-52488
Subscriber Arbitrary File Upload in Grip = 1.0.9 versions...
CVE-2026-52716 WordPress WorkScout-Core plugin <= 1.7.11 - Arbitrary File Deletion vulnerability
Unauthenticated Arbitrary File Deletion in WorkScout-Core = 1.7.11 versions...
EUVD-2026-37700
Unauthenticated Arbitrary File Deletion in WorkScout-Core = 1.7.11 versions...
CVE-2026-54193 WordPress Fusion Builder plugin <= 3.15.4 - Arbitrary File Deletion vulnerability
Contributor Arbitrary File Deletion in Fusion Builder = 3.15.4 versions...
postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write
A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...
CVE-2026-11858
Quanos SCHEMA ST4 on-premises is affected by a local privilege escalation due to insufficient authorization on the Client Update Service. The service, running as NT AUTHORITY\SYSTEM, exposes a .NET Remoting interface over a named pipe without proper access controls. A local authenticated low-priv...
firefox: Memory safety bugs fixed in Firefox ESR 140.11 and Firefox 151
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...
firefox: Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these...
Cross-Site Scripting (XSS)
Vitest is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to the otelCarrier query parameter being inserted directly into an inline module script and treated as JavaScript source rather than data, which allows an attacker to craft a malicious browser-runner URL and execute...
firefox: Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these...
firefox: Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these...
CVE-2026-52705 WordPress SigmaForms Pro – AI Generated Forms plugin <= 1.4.5 - Arbitrary File Upload vulnerability
Unauthenticated Arbitrary File Upload in SigmaForms Pro – AI Generated Forms = 1.4.5 versions...
CVE-2026-52705
CVE-2026-52705 affects the WordPress plugin SigmaForms Pro – AI Generated Forms (versions
CVE-2026-40749 WordPress Charity Zone theme <= 1.1.1 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in Charity Zone = 1.1.1 versions...
CVE-2026-40749
The CVE covers the WordPress Charity Zone theme (versions <= 1.1.1) with a Subscriber Arbitrary File Upload vulnerability. The underlying issue enables arbitrary files to be uploaded due to insecure handling in Charity Zone
CVE-2026-40748 WordPress Kids Gift Shop theme <= 0.5.4 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in Kids Gift Shop = 0.5.4 versions...