9293 matches found
WordPress plugin Automatic Ban IP 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
Security Updates for Microsoft OneNote C2R (April 2025)
The Microsoft OneNote Products are missing a security update. It is, therefore, affected by a security feature bypass vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. Th...
Security Updates for Microsoft Word Products C2R (April 2025)
The Microsoft Word Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2025-27747, CVE-2025-29820 Note that...
DRUPAL-CONTRIB-2025-030
This module enables you to translate nodes, configuration, UI strings automatically. The module doesn't sufficiently validate the incoming API response when using eTranslation integration, which has an asynchronous workflow. Specially crafted requests could overwrite entities and translations of...
WordPress Automatic Ban IP Plugin <= 1.0.7 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Automatic Ban IP versions = 1.0.7...
CVE-2025-31820
Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos automatic-featured-images-from-videos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automatic Featured Images from Videos: from n/a through = 1.2.4...
[SECURITY] Fedora 40 Update: suricata-7.0.10-1.fc40
The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...
[SECURITY] Fedora 42 Update: php-kissifrot-php-ixr-1.8.4-1.fc42
PHP-IXR is an XML-RPC library designed primarily for ease of use. It incorporates both client and server classes, and is designed to hide as much of the workings of XML-RPC from the user as possible. A key feature of the library is automatic type conversion from PHP types to XML-RPC types and vic...
CVE-2025-31820
Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos automatic-featured-images-from-videos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automatic Featured Images from Videos: from n/a through = 1.2.4...
Incorrect Authorization
Overview org.apache.activemq:artemis-server is a server package for the ActiveMQ-Artemis project. Affected versions of this package are vulnerable to Incorrect Authorization in the createQueue method in ServerSessionImpl.java, which is invoked by the createDurableQueue and createNonDurableQueue...
CVE-2025-27427
A vulnerability exists in Apache ActiveMQ Artemis whereby a user with the createDurableQueue or createNonDurableQueue permission on an address can augment the routing-type supported by that address even if said user doesn't have the createAddress permission for that particular address. When...
WordPress plugin Automatic Featured Images from Videos 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
[SECURITY] Fedora 41 Update: nodejs-nodemon-3.1.9-3.fc41
Simple monitor script for use during development of a node.js app. For use during development of a node.js based application. nodemon will watch the files in the directory in which nodemon was started, and if any files change, nodemon will automatically restart your node application. nodemon does...
Citrix : ADC: Netscaler VPX vs ESXi compatibility version
Netscaler VPX on ESXi got rebooted automatically...
WordPress plugin Scheduled & Automatic Order Status Controller for WooCommerce 输入验证错误漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An input validation error...
PT-2025-20493
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue is related to the spi: fsl-qspi driver, where the use of devm APIs to manage resources and the legacy remove function cou...
Using Spring AI 1.0.0-SNAPSHOT: Important Changes and Updates
Using Spring AI 1.0.0-SNAPSHOT: Important Changes and Updates Spring AI 1.0.0-SNAPSHOT introduces several important changes to artifact IDs, dependency management, and autoconfiguration. This blog post outlines these changes and provides guidance on how to update your projects. The most significa...
LogicalDOC 安全漏洞
LogicalDOC is a document management system developed using Java technology by LogicalDOC, Inc. in the United States. The system has features such as Lucene full-text search indexing and automatic importing. A security vulnerability exists in LogicalDOC that stems from an API used in the applicati...
Security Updates for Microsoft Access Products C2R (March 2025)
The Microsoft Access Products are missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2025-26630 Note that Nessus has n...
Fedora 41 : buildah (2025-f7524afa1f)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-f7524afa1f advisory. Automatic update for buildah-1.39.2-1.fc41. Security fix for CVE-2025-27144 Changelog for buildah Tue Mar 04 2025 Packit - 2:1.39.2-1 - Update to...