18 matches found

Cvelist
added 2026/05/21 2:27 a.m. · 31 views

CVE-2026-4811 WPB Floating Menu or Categories – Sticky Floating Side Menu & Categories with Icons <= 1.0.8 - Authenticated (Editor+) Stored Cross-Site Scripting via 'Icon CSS Class' Category Field

The WPB Floating Menu & Categories for WordPress – Sticky Side Menu with Icons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Icon CSS Class' category field in all versions up to, and including, 1.0.8 due to insufficient input sanitization and output escaping. This mak...

CVSS 4.9 · EPSS 0.00013
Exploits: 0 · References: 2

Vulnrichment
added 2026/05/21 2:27 a.m. · 4 views

CVE-2026-4811 WPB Floating Menu or Categories – Sticky Floating Side Menu & Categories with Icons <= 1.0.8 - Authenticated (Editor+) Stored Cross-Site Scripting via 'Icon CSS Class' Category Field

The WPB Floating Menu & Categories for WordPress – Sticky Side Menu with Icons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Icon CSS Class' category field in all versions up to, and including, 1.0.8 due to insufficient input sanitization and output escaping. This mak...

CVSS 4.9 · AI score 6 · EPSS 0.00013
Exploits: 0 · References: 2

ATTACKERKB
added 2026/02/27 6:43 a.m. · 6 views

CVE-2025-14040

The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Call to Action' custom fields in all versions up to, and including, 13.4. This is due to insufficient input sanitization and output escaping on user-supplied attributes in th...

CVSS 6.4 · AI score 6 · EPSS 0.00012
Exploits: 0 · References: 4

RedhatCVE
added 2026/01/09 9:59 a.m. · 3 views

CVE-2020-7451

In FreeBSD 12.1-STABLE before r358739, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r358740, and 11.3-RELEASE before 11.3-RELEASE-p7, a TCP SYN-ACK or challenge TCP-ACK segment over IPv6 that is transmitted or retransmitted does not properly initialize the Traffic Class field disclosin...

CVSS 5.3 · AI score 6.8 · EPSS 0.00327
Exploits: 0 · References: 1

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2012-1465

Malware in sbrugna...

CVSS 4.3 · AI score 6.4 · EPSS 0.02838
Exploits: 0 · References: 7

EUVD
added 2025/10/07 12:30 a.m. · 0 views

EUVD-2020-28577

Malware in sbrugna...

CVSS 5.3 · AI score 5.5 · EPSS 0.00327
Exploits: 0 · References: 2

RedhatCVE
added 2025/05/23 8:23 a.m. · 3 views

CVE-2024-1235

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom class field in all versions up to, and including, 8.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributo...

CVSS 6.4 · AI score 5 · EPSS 0.00249
Exploits: 0 · References: 1

Positive Technologies
added 2024/12/17 12:0 a.m. · 1 view

PT-2024-12668 · Liferay · Liferay Dxp +1

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.0.0 through 7.4.3.87; Liferay DXP versions 7.4 GA through update 87; Liferay DXP versions 7.3 GA through update 29. Description: A cross-site scripting (XSS) issue in the edit Service Access Policy page allows remote...

CVSS 4.8 · AI score 6.1 · EPSS 0.00175
Exploits: 0 · References: 16

Positive Technologies
added 2024/03/27 12:0 a.m. · 1 view

PT-2024-40680 · Git +1 · Quickjs

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 1 crash has been reported. The crash state includes functions such as emit goto, emit class field init, and js parse function...

AI score 7
Exploits: 0 · References: 2

Positive Technologies
added 2024/02/20 12:0 a.m. · 2 views

PT-2024-17559 · Livemesh · Elementor Addons

Name of the Vulnerable Software and Affected Versions: Elementor Addons by Livemesh plugin for WordPress versions up to, and including, 8.3.2 Description: The issue is related to Stored Cross-Site Scripting via the custom class field due to insufficient input sanitization and output escaping. Thi...

CVSS 6.4 · AI score 7.9 · EPSS 0.00249
Exploits: 0 · References: 8

CNNVD
added 2021/07/21 12:0 a.m. · 1 view

Combodo iTop security vulnerability

Combodo iTop is an open source, ITIL-based web application developed by the French company Combodo for the daily operation of IT environments. The program provides incident management, configuration management and problem management. Combodo iTop version 2.7.4 prior to a security vulnerabilit...

CVSS 7.7 · AI score 6.4 · EPSS 0.00288
Exploits: 0 · References: 3

ATTACKERKB
added 2012/03/21 10:11 a.m. · 1 view

CVE-2012-1442

The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising...

CVSS 4.3 · AI score 5.7 · EPSS 0.02838
Exploits: 0 · References: 7

Prion
added 2012/03/21 10:11 a.m. · 15 views

Design/Logic Flaw

The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising...

CVSS 4.3 · AI score 7 · EPSS 0.02838
Exploits: 0 · References: 6 · Affected Software: 11

CVE
added 2012/03/21 10:0 a.m. · 61 views

CVE-2012-1442

The CVE-2012-1442 entry concerns an ELF file parser flaw that affects multiple antivirus products (e.g., Quick Heal/Cat QuickHeal 11.00, McAfee AV/Engine 5.400.0.1158, McAfee Gateway 2010.1C, eSafe 7.0.17.0, Kaspersky 7.0.0.125, F-Secure 9.0.16160.0, Sophos 4.61.0, AVL SDK 2.0.3.7, Rising 22.83.0...

CVSS 4.3 · AI score 6.7 · EPSS 0.02838
Exploits: 0 · References: 6 · Affected Software: 11

OSV
added 2009/03/25 6:30 p.m. · 1 view

DEBIAN-CVE-2009-1086

Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns 1.4.x allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a DNS resource record (RR) with a long (1) class field (clas variable) and possibly (2) TTL field...

CVSS 6.4 · AI score 8.2 · EPSS 0.03405
Exploits: 0 · References: 1

NVD
added 2009/03/25 6:30 p.m. · 8 views

CVE-2009-1086

Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns 1.4.x allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a DNS resource record (RR) with a long (1) class field (clas variable) and possibly (2) TTL field...

CVSS 6.4 · AI score 7.9 · EPSS 0.03405
Exploits: 0 · References: 8

Cvelist
added 2009/03/25 6:0 p.m. · 13 views

CVE-2009-1086

Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns 1.4.x allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a DNS resource record (RR) with a long (1) class field (clas variable) and possibly (2) TTL field...

AI score 7.8 · EPSS 0.03405
Exploits: 0 · References: 8

Debian CVE
added 2009/03/25 6:0 p.m. · 17 views

CVE-2009-1086

Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns 1.4.x allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a DNS resource record (RR) with a long (1) class field (clas variable) and possibly (2) TTL field...

CVSS 6.4 · AI score 7.7 · EPSS 0.03405
Exploits: 0