CVE-2025-67952

CVE-2025-67952 is a reflected XSS in the WordPress ThemeGoods Grand Tour theme prior to version 5.6.2. The initial record confirms the vulnerability and affected version, with remediation via upgrading to 5.6.2 or later (patched). The connected sources also catalog the same CVE across multiple fe...

CVE-2025-64190

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore Core et-core-plugin allows DOM-Based XSS.This issue affects XStore Core: from n/a through 5.6...

EUVD-2025-205820

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme.Com XStore Core allows DOM-Based XSS.This issue affects XStore Core: from n/a before 5.6...

Linux Distros Unpatched Vulnerability : CVE-2022-0139

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0. CVE-2022-0139 Note that Nessus relies on the presence of the package as reported by the...

Linux Distros Unpatched Vulnerability : CVE-2019-20810

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - go7007sndinit in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call sndcardfree for a failure path, which causes a memory leak,...

UBUNTU-CVE-2024-26134

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR RFC 8949 serialization format. Starting in version 5.5.1 and prior to version 5.6.2, an attacker can crash a service using cbor2 to parse a CBOR binary by sending a long enough object. Version 5.6.2 contains a...

SUSE CVE-2014-4238

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR...

SUSE CVE-2015-8877

The gdImageScaleTwoPass function in gdinterpolation.c in the GD Graphics Library aka libgd before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service memory consumption via a crafted call, as demonstrated ...

SUSE CVE-2016-4072

The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via a crafted filename, as demonstrated by mishandling of \0 characters by the pharanalyzepath function in ext/phar/phar.c...

UBUNTU-CVE-2022-1207

Out-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to read sensitive information from outside the allocated buffer boundary...

Linux kernel 路径遍历漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A path traversal vulnerability exists in versions of Linux kernel prior to 5.6, which stems from its failure to safely handle the root directory during path lookups, so that...

php: Out-of-bounds read in phar_parse_pharfile

In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the pharparsepharfile function in ext/phar/phar.c...