Seven Bears Library CMS Code Injection Vulnerability
Seven Bears Library CMS is a content management system by mirweiye Personal Developer. A code injection vulnerability exists in Seven Bears Library CMS version 2023, which stems from the vulnerability of the Background Management Page component to cross-site scripting attacks...
WordPress plugin Slazzer Background Changer Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A security vulnerability exis...
CVE-2025-31488 Plain Craft Launcher's custom homepage can use Internet Explorer to load web pages with the help of controls such as WebBrowser
Plain Craft Launcher (PCL) is a launcher for Minecraft. PCL allows users to use homepages provided by third parties. If controls such as WebBrowser are used in the homepage, WPF will use Internet Explorer to load the specified webpage. If the user uses a malicious homepage, the attacker can use IE...
Plain Craft Launcher Input Validation Error Vulnerability
Plain Craft Launcher is an open source software by Hex Dragon. Plain Craft Launcher suffers from an input validation error vulnerability that stems from a malicious homepage that may use IE to access web pages in the background...
PT-2025-11211 · Dataease · Dataease
Name of the Vulnerable Software and Affected Versions: DataEase versions prior to 2.10.6 Description: DataEase is an open source business intelligence and data visualization tool. A patch bypass issue allows authenticated users to read and deserialize arbitrary files through the background JDBC...
DataEase Security Vulnerability
DataEase is an open source data visualization and analysis tool from DataEase Open Source. It is used to help users quickly analyze data and gain insight into business trends for business improvement and optimization. A security vulnerability exists in DataEase versions prior to 2.10.6; the vulnerability...
DataEase Security Vulnerability
DataEase is an open source data visualization and analysis tool from DataEase Open Source. It is used to help users quickly analyze data and gain insight into business trends for business improvement and optimization. A security vulnerability exists in DataEase versions prior to 2.10.6; th...
CVE-2024-13431
The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the accent_color and background parameter in all versions up to, and including, 1.6.8.3 due to insufficient input sanitization and output escaping...
PYSEC-2025-24
Rembg is a tool to remove image backgrounds. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg...
CVE-2025-25301
Rembg is a tool to remove image backgrounds. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg...
CVE-2025-25302 Rembg CORS misconfiguration
Rembg is a tool to remove image backgrounds. In Rembg 2.0.57 and earlier, the CORS middleware is set up incorrectly. All origins are reflected, which allows any website to send cross-site requests to the rembg server and thus query any API. Even if authentication were to be enabled, allowcredentia...
SUSE CVE-2025-21783
In the Linux kernel, the following vulnerability has been resolved: gpiolib: Fix crash on error in gpiochip_get_ngpios The gpiochip_get_ngpios uses chip macros to print messages. However these macros rely on gpiodev to be initialised and set, which is not the case when called via bgpio_init. In such a...
SUSE CVE-2022-49174
In the Linux kernel, the following vulnerability has been resolved: ext4: fix ext4_mb_mark_bb with flex_bg with fast_commit In case of flex_bg feature which is by default enabled, extents for any given inode might span across blocks from two different block group. ext4_mb_mark_bb only reads the buffer_head...
US Background Check Firm Data Breach Exposes 3.3M Records
A data breach at DISA Global Solutions, a firm providing background checks, and drugs and alcohol testing services,…
DEBIAN-CVE-2022-49347
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in ext4_writepages we got issue as follows: EXT4-fs error device loop0: ext4_mb_generate_buddy:1141: group 0, block bitmap and bg descriptor inconsistent: 25 vs 31513 free cls ------------ cut here ------------ kernel...
PT-2025-7590 · Phpcmsv9 · Phpcmsv9
Name of the Vulnerable Software and Affected Versions: phpcmsv9 version 9.6.3 Description: The issue allows a remote attacker to escalate privileges via the menu interface of the member center of the background administrator. This is a Cross-Site Scripting issue. Recommendations: For phpcmsv9...
CVE-2025-25960
CVE-2025-25960 is a Cross Site Scripting vulnerability affecting phpcmsv9 v9.6.3. The issue allows a remote attacker to escalate privileges via the member center’s menu interface in the background administrator. Reported impact is a partial privilege escalation with low confidentiality/integrity ...
DOGE Teen Owns ‘Tesla.Sexy LLC’ and Worked at Startup That Has Hired Convicted Hackers
Experts question whether Edward Coristine, a DOGE staffer who has gone by “Big Balls” online, would pass the background check typically required for access to sensitive US government systems...
CVE-2025-22784
Cross-Site Request Forgery (CSRF) vulnerability in swedish boy Background Control background-control allows Path Traversal. This issue affects Background Control: from n/a through <= 1.0.5...