WordPress plugin Page Manager for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A security...

CVE-2025-48459

Deserialization of Untrusted Data vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 2.0.5. Users are recommended to upgrade to version 2.0.5, which fixes the issue...

CVE-2025-48459 Apache IoTDB: Deserialization of untrusted Data

Deserialization of Untrusted Data vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 2.0.5. Users are recommended to upgrade to version 2.0.5, which fixes the issue...

CVE-2025-48459 Apache IoTDB: Deserialization of untrusted Data

Deserialization of Untrusted Data vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 2.0.5. Users are recommended to upgrade to version 2.0.5, which fixes the issue...

CVE-2025-6677

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Paragraphs table allows Cross-Site Scripting XSS.This issue affects Paragraphs table: from 2.0.0 before 2.0.5...

Drupal IFrame Remove Filter 跨站脚本漏洞

Drupal IFrame Remove Filter is a module plugin in the Drupal content management system from the Drupal community. A cross-site scripting vulnerability exists in Drupal IFrame Remove Filter versions prior to 2.0.5, which stems from improper input neutralization and could lead to cross-site scripti...

Intel QAT 安全漏洞

Intel QAT software refers to the collection of software components that support Intel QuickAssist technology. An untrusted pointer dereference vulnerability exists in Intel QAT software, which can be exploited by an attacker to access compromised information via the local system...

PT-2023-16635 · Modoboa · Modoboa

Name of the Vulnerable Software and Affected Versions: modoboa/modoboa versions prior to 2.0.5 Description: The issue is related to Cross-site Scripting XSS - Reflected. This is a type of security vulnerability that occurs when an application includes user input in its output without proper...

CVE-2022-24372

Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary files via a symbolic link to the root directory of a NAS SMB share...

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress icegram plugin in versions prior to 2.0.5 has a...

Takayuki Sato copy-props 安全漏洞

Takayuki Sato copy-props is Takayuki Sato open source an application system . It is used to deeply copy properties between two objects. A security vulnerability exists in copy-props before 2.0.5, which stems from susceptibility to prototype contamination...

Harbor Authorization Issues Vulnerability

Harbor is an open source trusted cloud native registry from the Cloud Native Computing Foundation. The product is primarily used to store, sign, and scan container images for vulnerabilities. An authorization issue vulnerability exists in Harbor 2.0 before 2.0.5 and 2.1.x before 2.1.2, which stem...

PT-2020-14306 · Typo3 · Typo3Fluid/Fluid

Name of the Vulnerable Software and Affected Versions: typo3fluid/fluid versions prior to 2.0.5 typo3fluid/fluid versions prior to 2.1.4 typo3fluid/fluid versions prior to 2.2.1 typo3fluid/fluid versions prior to 2.3.5 typo3fluid/fluid versions prior to 2.4.1 typo3fluid/fluid versions prior to...

PT-2020-6222 · Pacemaker +7 · Pacemaker +7

Name of the Vulnerable Software and Affected Versions: Pacemaker versions prior to 1.1.24-rc1 Pacemaker versions prior to 2.0.5-rc2 Description: The issue is related to an ACL bypass flaw in Pacemaker, which could allow an attacker with a local account on the cluster and in the haclient group to...

S9Y Serendipity Cross-Site Request Forgery Vulnerability

Serendipity is a PHP-based blogging system. The system supports the creation of online journals, blogs, web pages and more. A cross-site request forgery vulnerability exists in versions prior to S9Y Serendipity 2.0.5 due to the program failing to properly validate HTTP requests. A remote attacker...

nsGenericDOMDataNode:: SetTextInternal

Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a...

CVE-2010-1994

SQL injection vulnerability in index.php in TomatoCMS before 2.0.5 allows remote attackers to execute arbitrary SQL commands via the q parameter in conjunction with a /news/search PATHINFO...

CVE-2010-1996

Multiple cross-site scripting XSS vulnerabilities in index.php in TomatoCMS before 2.0.5 allow remote authenticated users, with certain creation privileges, to inject arbitrary web script or HTML via the 1 content parameter in conjunction with a /admin/poll/add PATHINFO, the 2 meta parameter in...