23 matches found
CVE-2026-32516 WordPress Miraculous Core Plugin plugin < 2.1.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav Miraculous Core Plugin miraculouscore allows Blind SQL Injection. This issue affects Miraculous Core Plugin: from n/a through 2.1.2...
CVE-2026-32515
Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Miraculous: from n/a through 2.1.2...
CVE-2026-1554
XML Injection aka Blind XPath Injection vulnerability in Drupal Central Authentication System CAS Server allows Privilege Escalation. This issue affects Central Authentication System CAS Server: from 0.0.0 before 2.0.3, from 2.1.0 before 2.1.2...
Azure Linux 3.0 Security Update: python-waitress (CVE-2022-31015)
The version of python-waitress installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-31015 advisory. - Waitress is a Web Server Gateway Interface server for Python 2 and 3. Waitress versions 2.1.0 and...
CVE-2016-10704
Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1.x before 2.1.2 have XSS via e-mail templates that are mishandled during a preview, aka APPSEC-1503...
CVE-2021-24599
The Email Encoder – Protect Email Addresses WordPress plugin before 2.1.2 has an endpoint that requires no authentication and will render a user supplied value in the HTML response without escaping or sanitizing the data...
tar-fs Security Vulnerability
tar-fs is a tar-stream file system bundle. A security vulnerability exists in tar-fs versions prior to 1.16.4, prior to 2.1.2, and prior to 3.0.8, which originates from path traversal when decompressing a malicious tar file...
PT-2024-13859 · Rengine · Rengine
Name of the Vulnerable Software and Affected Versions: reNgine versions prior to 2.1.2 Description: The issue allows OS Command Injection if an adversary has a valid session ID. The attack involves placing shell metacharacters in an "api/tools/waf detector/?url=" string. The commands are executed...
PT-2023-23813 · WordPress · All-In-One Floating Contact Form
Name of the Vulnerable Software and Affected Versions: All-in-one Floating Contact Form WordPress plugin versions prior to 2.1.2 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is...
CVE-2022-43748
Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in file operation management in Synology Presto File Server before 2.1.2-1601 allows remote attackers to write arbitrary files via unspecified vectors...
CVE-2022-31604
NVFLARE, versions prior to 2.1.2, contains a vulnerability in its PKI implementation module, where the CA credentials are transported via pickle and no safe deserialization. The deserialization of Untrusted Data may allow an unprivileged network attacker to cause Remote Code Execution, Denial Of...
CVE-2021-45089
Stormshield Endpoint Security 2.x before 2.1.2 has Incorrect Access Control...
PT-2021-21067 · Apache · Apache Airflow
Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 2.1.2 Description: The issue affects the logging server in Apache Airflow, which has no authentication and allows reading log files of DAG jobs when remote logging is not used. This could potentially expose...
Harbor Authorization Issues Vulnerability
Harbor is an open source trusted cloud native registry from the Cloud Native Computing Foundation. The product is primarily used to store, sign, and scan container images for vulnerabilities. An authorization issue vulnerability exists in Harbor 2.0 before 2.0.5 and 2.1.x before 2.1.2, which stem...
PT-2020-17015 · Multi-Ini · Multi-Ini
Name of the Vulnerable Software and Affected Versions: multi-ini versions prior to 2.1.2 Description: The issue allows an object's prototype to be polluted by specifying the constructor.proto object as part of an array, effectively bypassing a previous security measure. Recommendations: For...
PT-2020-14273 · Google +1 · Tensorflow +1
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 1.15.4 TensorFlow versions prior to 2.0.3 TensorFlow versions prior to 2.1.2 TensorFlow versions prior to 2.2.1 TensorFlow versions prior to 2.3.1 Description: The Shard API in TensorFlow expects the last argument...
PT-2020-14280 · Google +1 · Tensorflow +1
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 1.15.4 TensorFlow versions prior to 2.0.3 TensorFlow versions prior to 2.1.2 TensorFlow versions prior to 2.2.1 TensorFlow versions prior to 2.3.1 Description: A crafted TFLite model can force a node to have as...
FreeRDP Buffer Overflow Vulnerability (CNVD-2020-35694)
FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. A buffer overflow vulnerability exists in versions prior to FreeRDP 2.1.2. The vulnerability stems from a networked system or product performing operations in memory without properly validating data...
Red Hat JBoss ON Unauthorized Access Vulnerability
Red Hat JBoss ON is open source Java network management software from Red Hat (United States). The software is mainly used to develop, test, deploy and monitor the application life cycle. An unauthorized access vulnerability exists in Red Hat JBoss ON version 2.1.x prior to 2.1.2 SP1, whi...