31210 matches found
CVE-2025-10038 Binary MLM Plan <= 3.0 - Unauthenticated Limited Privilege Escalation
The Binary MLM Plan plugin for WordPress is vulnerable to limited Privilege Escalation in all versions up to, and including, 3.0. This is due to bmpuser role granting all users with the managebmp capability by default upon registration through the plugin's form. This makes it possible for...
EUVD-2025-34553
The Binary MLM Plan plugin for WordPress is vulnerable to limited Privilege Escalation in all versions up to, and including, 3.0. This is due to bmpuser role granting all users with the managebmp capability by default upon registration through the plugin's form. This makes it possible for...
CVE-2025-10038 Binary MLM Plan <= 3.0 - Unauthenticated Limited Privilege Escalation
The Binary MLM Plan plugin for WordPress is vulnerable to limited Privilege Escalation in all versions up to, and including, 3.0. This is due to bmpuser role granting all users with the managebmp capability by default upon registration through the plugin's form. This makes it possible for...
[SECURITY] Fedora 42 Update: rust-protobuf-parse-3.7.2-1.fc42
Parse .proto files. Files are parsed into a protobuf::descriptor::FileDescriptorSet object using either: pure rust parser no dependencies protoc binary more reliable and compatible with Google's implementation...
WordPress plugin Binary MLM Plan 安全漏洞
WordPress Binary MLM Plan plugin is a WordPress plugin designed for network marketing, mainly used to simplify the operational process of multi-level marketing MLM business. WordPress Binary MLM Plan plugin suffers from an elevation of privilege vulnerability that stems from the bmpuser role...
[SECURITY] Fedora 43 Update: rust-protobuf-parse-3.7.2-1.fc43
Parse .proto files. Files are parsed into a protobuf::descriptor::FileDescriptorSet object using either: pure rust parser no dependencies protoc binary more reliable and compatible with Google's implementation...
EUVD-2025-34455
Flowise: Authenticated Command Execution and Sandbox Bypass via Puppeteer and Playwright Packages...
EUVD-2025-34432
Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...
CVE-2025-37142
Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...
CVE-2025-37142 Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface
Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...
CVE-2025-37142 Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface
Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...
CVE-2025-37141 Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface
Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...
CVE-2025-37141
CVE-2025-37141 : Arbitrary file download vulnerability in the CLI binary of ArubaOS AOS-10 GW and AOS-8 Controller/Mobility Conductor. An authenticated attacker could download arbitrary files through carefully crafted exploits. The connected documents corroborate the affected products (AOS-10 GW ...
CVE-2025-37140 Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface
Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...
PT-2025-41978
Name of the Vulnerable Software and Affected Versions AOS-8 Controller/Mobility Conductor affected versions not specified Description An authenticated command injection flaw exists in the CLI binary of the AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow a...
PT-2025-41977
Name of the Vulnerable Software and Affected Versions AOS-8 Controller/Mobility Conductor affected versions not specified Description An authenticated command injection flaw exists in the Command Line Interface CLI binary. Exploitation allows an attacker with valid credentials to execute arbitrar...
PT-2025-42175
Name of the Vulnerable Software and Affected Versions Flowise versions 3.0.1 through 3.0.7 Flowise versions 3.0.8 and later with 'ALLOW BUILTIN DEP' enabled Description The software contains an authenticated remote code execution issue and a node VM sandbox escape. This is due to insecure use of...
Wapiti Web Application Vulnerability Scanner 3.2.7
Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities. This is the binary release...
SolarWinds Database Performance Analyzer (DPA) Installed (Linux)
Binary data solarwindsdpanixinstalled.nbin...
ManageEngine ADSelfService Plus Installed (Windows)
Binary data manageengineadselfservicepluswininstalled.nbin...