11 matches found
nanoclaw 路径遍历漏洞
Nanoclaw is a lightweight tool developed by Qwibit.ai, designed for securely running AI assistants within independent containers. Nanoclaw has a path traversal vulnerability. This vulnerability stems from issues with the host/container file system boundaries during outbound attachment processing...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.28 contained security vulnerabilities. These vulnerabilities stemmed from environmental variable cleanup issues, where GITTEMPLATEDIR and AWSCONFIGFILE were not protected...
Discourse 安全漏洞
Discourse is an open-source community discussion platform developed by Discourse. This platform includes features such as communities, email communication, and chat rooms. Versions of Discourse prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 contain security vulnerabilities. These...
Weak Password Recovery Mechanism for Forgotten Password
Overview Affected versions of this package are vulnerable to Weak Password Recovery Mechanism for Forgotten Password via the ResetPassword function and the background token cleanup process. An attacker can gain persistent unauthorized access to user accounts by reusing intercepted password reset...
WordPress plugin Rank Math SEO with AI Best SEO Tools 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress plugin MM-email2image 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
The vulnerability of the mDNS gateway function in Cisco IOS XE wireless controller Catalyst Series 9800 allows a attacker to cause a service failure.
The vulnerability of the multicast DNS mDNS function in Cisco IOS XE wireless controller Catalyst Series 9800 devices is related to incomplete cleanup of temporary or auxiliary resources during the processing of mDNS requests. Exploiting this vulnerability allows a malicious actor to cause servic...
WordPress Plugin Bold Page Builder Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress Plugin SEO Slider Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin SEO Slider 1.1.0 and...
curl: HTTP proxy double-free
A vulnerability was found in curl. The issue occurs if curl is told to use an HTTP proxy for a transfer with a non-HTTPS URL. It sets up the connection to the remote server by issuing a CONNECT request to the proxy and then tunnels the rest of the protocol through. An HTTP proxy might refuse this...
HTTP proxy double free
If curl is told to use an HTTP proxy for a transfer with a non-HTTPS URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of protocol through. An HTTP proxy might refuse this request HTTP proxies often only allow outgoing...