CVE-2023-5714

The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sddbspecs function hooked via an AJAX action in all versions up to, and including, 2.8.7. This makes it possible for authenticated attackers, with subscriber-level acces...

CVE-2022-1950

The Youzify WordPress plugin before 1.2.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection...

CVE-2022-1906

The Copyright Proof WordPress plugin through 4.16 does not sanitise and escape a parameter before outputting it back via an AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting when a specific setting is enabled...

CVE-2022-0163

The Smart Forms WordPress plugin before 2.6.71 does not have authorisation in its rednaosmartformsentrieslist AJAX action, allowing any authenticated users, such as subscriber, to download arbitrary form's data, which could include sensitive information such as PII depending on the form...

CVE-2022-3921

The Listingo WordPress theme before 3.2.7 does not validate files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files and lead to RCE...

CVE-2021-24988

The WP RSS Aggregator WordPress plugin before 4.19.3 does not sanitise and escape data before outputting it in the System Info admin dashboard, which could lead to a Stored XSS issue due to the wprssdismissaddonnotice AJAX action missing authorisation and CSRF checks, allowing any authenticated...

CVE-2021-24948

The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not validate the qvquery parameter of the tpgetdlpostinfoajax AJAX action, which could allow unauthenticated users to retrieve sensitive information, such as private and draft posts...

CVE-2021-26830

SQL Injection in Tribalsystems Zenario CMS 8.8.52729 allows remote attackers to access the database or delete the plugin. This is accomplished via the ID input field of ajax.php in the Pugin library - delete module...

CVE-2021-24910

The Transposh WordPress Translation WordPress plugin before 1.0.8 does not sanitise and escape the a parameter via an AJAX action available to both unauthenticated and authenticated users when the curl library is installed before outputting it back in the response, leading to a Reflected Cross-Si...

WordPress PSW Front-end Login Registration 1.12 User Registration

WordPress PSW Front-end Login Registration plugin versions 1.12 and below suffers from a vulnerability that allows an unauthenticated attacker to register new user accounts via an exposed AJAX action without proper validation or restrictions...

Lara: Lightweight Anonymous Authentication with Asynchronous Revocation Auditability

Anonymous authentication is a technique that allows to combine access control with privacy preservation. Typically, clients use different pseudonyms for each access, hindering providers from correlating their activities. To perform the revocation of pseudonyms in a privacy preserving manner is...

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2025-1453)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: NFSv4.0: Fix a use-after-free problem in the asynchronous open()

In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfsreleaseseqid in...

kernel: NFSD: Limit the number of concurrent async COPY operations

In the Linux kernel, the following vulnerability has been resolved: NFSD: Limit the number of concurrent async COPY operations Nothing appears to limit the number of concurrent async COPY operations that clients can start. In addition, AFAICT each async COPY can copy an unlimited number of 4MB...

[SECURITY] Fedora 40 Update: python-h11-0.14.0-7.fc40

This is a little HTTP/1.1 library written from scratch in Python, heavily inspired by hyper-h2. It is a "bring-your-own-I/O" library; h11 contains no IO code whatsoever. This means you can hook h11 up to your favorite network API, and that could be anything you want: synchronous, threaded,...

libevent bug fix update

An update is available for libevent. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libevent packages provide an abstract asynchronous event notification...

c-ares security update

An update is available for c-ares. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The c-ares C library defines asynchronous DNS Domain Name System requests and...

libuv security update

An update is available for libuv. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libuv is a multi-platform support library with a focus on asynchronous I/O...

c-ares security update

An update is available for c-ares. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The c-ares C library defines asynchronous DNS Domain Name System requests and...

USN-7477-1: c-ares vulnerability

It was discovered that c-ares incorrectly handled re-enqueuing certain queries. A remote attacker could possibly use this issue to cause c-ares to crash, resulting in a denial of service...