9293 matches found
WordPress plugin WordPress Automatic Plugin security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
PT-2025-34750 · WordPress · Wordpress Automatic Plugin
Name of the Vulnerable Software and Affected Versions: WordPress Automatic Plugin versions prior to 3.118.0 Description: The WordPress Automatic Plugin for WordPress is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation in one of its functions. This allows...
AZL-73638 CVE-2025-38665 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: can: netlink: can_changelink: fix NULL pointer deref of struct can_priv::do_set_mode Andrei Lalaev reported a NULL pointer deref when a CAN device is restarted from Bus Off and the driver does not implement the struct...
CVE-2025-38665
CVE-2025-38665 (Linux kernel CAN): A NULL pointer dereference in netlink can_changelink() when restarting a CAN device, due to missing can_priv::do_set_mode callback. Two code paths call this callback: manual restart via can_changelink() and delayed automatic restart after bus off. The fix preven...
CVE-2025-38665
In the Linux kernel, the following vulnerability has been resolved: can: netlink: can_changelink: fix NULL pointer deref of struct can_priv::do_set_mode Andrei Lalaev reported a NULL pointer deref when a CAN device is restarted from Bus Off and the driver does not implement the struct...
Stack-based Buffer Overflow
Overview: Affected versions of this package are vulnerable to Stack-based Buffer Overflow in the IRC client process when handling crafted numeric replies from an IRC server. An attacker can execute arbitrary code by sending a specially crafted 001 message during the automatic IRC connection proces...
CVE-2009-10006
UFO: Alien Invasion versions up to and including 2.2.1 contain a buffer overflow vulnerability in its built-in IRC client component. When the client connects to an IRC server and receives a crafted numeric reply, specifically a 001 message, the application fails to properly validate the length of...
CVE-2009-10006
UFO: Alien Invasion (versions up to and including 2.2.1) contains a stack-based buffer overflow in the built-in IRC client component. When the client processes a crafted IRC 001 numeric reply during automatic IRC connection handling, the string length validation can overflow the stack, potentiall...
CVE-2025-57729
In JetBrains IntelliJ IDEA before 2025.2 unexpected plugin startup was possible due to automatic LSP server start...
PT-2025-34366 · Unknown · Ufo: Alien Invasion
Name of the Vulnerable Software and Affected Versions: UFO: Alien Invasion versions up to and including 2.2.1 Description: UFO: Alien Invasion versions up to and including 2.2.1 contain a buffer overflow in its built-in IRC client component. When the client connects to an IRC server and receives ...
Fedora 44 : docker-buildx (2025-d6e22cfe3d)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-d6e22cfe3d advisory. Automatic update for docker-buildx-0.27.0-1.fc44. Changelog Wed Aug 20 2025 Bradley G Smith - 0.27.0-1 - Update to release v0.27.0 - Resolves: rhvz2388453,...
All Apple users should update after company patches zero-day vulnerability in all platforms
Apple has released security updates for iPhones, iPads and Macs to fix a zero-day vulnerability (a vulnerability which Apple was previously unaware of) that is reportedly being used in targeted attacks. The updates cover: iOS 18.6.2 and iPadOS 18.6.2 iPhone XS and later, iPad Pro 13-inch, iPad Pro...
CVE-2024-45438
An issue was discovered in TitanHQ SpamTitan Email Security Gateway 8.00.x before 8.00.101 and 8.01.x before 8.01.14. The file quarantine.php within the SpamTitan interface allows unauthenticated users to trigger account-level actions using a crafted GET request. Notably, when a non-existent emai...
CVE-2025-57729
CVE-2025-57729 affects JetBrains IntelliJ IDEA prior to 2025.2, where an automated LSP server startup can trigger an unexpected plugin startup. Multiple connected sources (CNVD, Red Hat, OSV, PT-Security, etc.) corroborate the issue and describe the root cause as the automatic LSP server initiali...
PT-2025-34030 · Jetbrains · Intellij Idea
Name of the Vulnerable Software and Affected Versions: JetBrains IntelliJ IDEA versions prior to 2025.2 Description: Unexpected plugin startup was possible due to automatic LSP server start. Recommendations: Update JetBrains IntelliJ IDEA to version 2025.2 or later...
Exploit for CVE-2025-8723
⚡️ Cloudflare Image Resizing Description: The plugin'...