CVE-2026-32502

Deserialization of Untrusted Data vulnerability in Select-Themes Borgholm borgholm-marketing-agency-theme allows Object Injection.This issue affects Borgholm: from n/a through 1.6...

WordPress Borgholm theme < 1.6 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Borgholm versions 1.6...

Shelly Pro 4PM 安全漏洞

Shelly Pro 4PM is an energy monitoring device from Shelly USA. A security vulnerability exists in Shelly Pro 4PM versions prior to 1.6, which stems from an unlimited resource allocation that could lead to over-allocation...

EUVD-2008-4070

Malware in sbrugna...

OESA-2025-1817 tomcat security update

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Security Fixes: Allocation of resources for...

mee-admin 安全漏洞

mee-admin is an open source backend management system by funnyzpc individual developers. A security vulnerability exists in mee-admin versions prior to 1.6, which stems from the parameter username in the file /mee/login causing observable response differences...

PT-2024-3324 · Moxa · Nport 5100A Series

Name of the Vulnerable Software and Affected Versions: NPort 5100A Series versions prior to 1.6 Description: The issue exists due to the failure to protect the web page structure, allowing a remote attacker to escalate privileges. The vulnerability is caused by not correctly neutralizing...

WordPress plugin Amazon S3 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

Intel(R) QAT drivers 代码问题漏洞

Intel QAT Drivers is a driver from Intel Corporation USA. A security vulnerability exists in IntelR QAT drivers for Windows versions prior to 1.6, which originates from an uncontrolled search path. An attacker can exploit the vulnerability to escalate privileges...

SICK SIM Series 访问控制错误漏洞

SICK SIM Series is a series of sensor integrators from SICK, Germany. An access control error vulnerability exists in SICK SIM Series FX Partnumber versions 1097816 and 1097817 firmware versions prior to 1.6.0, which stems from a vulnerability that allows an unprivileged, remote attacker to acces...

CVE-2022-2181

The Advanced WordPress Reset WordPress plugin before 1.6 does not escape some generated URLs before outputting them back in href attributes of admin dashboard pages, leading to Reflected Cross-Site Scripting...

marginalia SQL Injection Vulnerability

marginalia is a package for adding annotations to ActiveRecord queries. A SQL injection vulnerability exists in versions prior to marginalia 1.6. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit the...

exceljs cross-site scripting vulnerability

exceljs is a software package for reading, manipulating and writing spreadsheet data and styles. A cross-site scripting vulnerability exists in versions of exceljs prior to 1.6. A remote attacker can exploit this vulnerability to execute JavaScript code embedded in an XLS worksheet with the help ...

Moxa SoftCMS Live Viewer SQL Injection Vulnerability

Moxa SoftCMS Live Viewer is a software package developed by Moxa for remote monitoring and debugging of industrial automation systems. A SQL injection vulnerability exists in Moxa SoftCMS Live Viewer 1.6 and earlier versions. A remote attacker can exploit this vulnerability to access SoftCMS Live...

Moxa SoftCMS Denial of Service Vulnerability

Moxa SoftCMS is a set of centralized management software for large-scale surveillance systems developed by Moxa. The software supports real-time video surveillance, video playback and event management. A denial of service vulnerability exists in Moxa SoftCMS versions prior to 1.6. Due to a double...

Moxa SoftCMS SQL Injection Vulnerability

Moxa SoftCMS is a set of centralized management software for large-scale surveillance systems developed by Moxa. The software supports real-time video surveillance, video playback and event management. A SQL injection vulnerability exists in Moxa SoftCMS versions prior to 1.6. An attacker can...

IPTables-Parse 'IPTables/Parse.pm' Insecure Temporary File Creation Vulnerability

IPTables-Parse is a Perl extension for parsing iptables and ip6tables firewall rules. An insecure temporary file creation vulnerability exists in IPTables-Parse versions prior to 1.6. A local attacker can exploit this vulnerability to perform a symbolic link attack to overwrite arbitrary files in...