15 matches found
CVE-2025-58958 WordPress SmilePure Theme < 1.8.5 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove SmilePure smilepure allows PHP Local File Inclusion. This issue affects SmilePure: from n/a through 1.8.5...
Linux Distros Unpatched Vulnerability : CVE-2020-21049
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An invalid read in the stb_image.h component of libsixel prior to v1.8.5 allows attackers to cause a denial of service (DOS) via a crafted PSD file. (CVE-2020-21049)...
WordPress SmilePure Theme < 1.8.5 - Local File Inclusion Vulnerability
Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) in WordPress Theme SmilePure versions 1.8.5...
OpenFGA Authorization Issue Vulnerability
OpenFGA is an open source, high performance and flexible authorization/licensing engine built for developers and inspired by Google Zanzibar. An authorization issue vulnerability exists in versions prior to OpenFGA v1.8.5 that stems from vulnerability to authorization bypass...
PT-2024-19929 · Apache · Apache Fineract
Name of the Vulnerable Software and Affected Versions: Apache Fineract versions prior to 1.8.5 Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as SQL Injection. This allows for potential exploitation. Users are advised to...
PT-2024-19928 · Apache · Apache Fineract
Name of the Vulnerable Software and Affected Versions: Apache Fineract versions prior to 1.8.5 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation. Users are advised t...
Flarum Input Validation Error Vulnerability
Flarum is an open source forum system for the Flarum community. An input validation error vulnerability exists in Flarum versions prior to 1.8.5, which stems from the logout route containing a redirection parameter that allows any third party to redirect users from a trusted domain to any link...
SUSE CVE-2013-1583
The dissect_version_4_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet...
SUSE CVE-2019-18602
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a peer...
CVE-2022-29077
A heap-based buffer overflow exists in rippled before 1.8.5. The vulnerability allows attackers to cause a crash or execute commands remotely on a rippled node, which may lead to XRPL mainnet DoS or compromise. This exposes all digital assets on the XRPL to a security threat...
DEBIAN-CVE-2021-21261
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the flatpak-portal service that can allow sandboxed applications to execute arbitrary code on the host system (a sandbox escape). This sandbox-escape bug is present in versio...
MyBB Cross-Site Scripting Vulnerability (CNVD-2015-05800)
MyBB is a popular, free web-based forum software package developed with PHP and MySQL. A cross-site scripting vulnerability exists in versions of MyBB prior to 1.8.5, which allows remote attackers to inject arbitrary web script or HTML via the content of a post...
DEBIAN-CVE-2013-1584
The dissect_version_5_and_6_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet...
UBUNTU-CVE-2013-1572
The dissect_oampdu_event_notification function in epan/dissectors/packet-slowprotocols.c in the IEEE 802.3 Slow Protocols dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle certain short lengths, which allows remote attackers to cause a denial of service...
Another DoS Vulnerability in CGI Library
The read_multipart function in cgi.rb in Ruby before 1.8.5-p2 does not properly detect boundaries in MIME multipart content, which allows remote attackers to cause a denial of service (infinite loop) via crafted HTTP requests, a different issue than CVE-2006-5467...