CVE-2026-31886

Dagu is a workflow engine with a built-in Web user interface. Prior to 2.2.4, the dagRunId request field accepted by the inline DAG execution endpoints is passed directly into filepath.Join to construct a temporary directory path without any format validation. Go's filepath.Join resolves...

WordPress plugin Advance WP Query Search Filter 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A security...

WordPress plugin wpForo Forum SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugi...

CVE-2025-62736

Missing Authorization vulnerability in opicron Image Cleanup image-cleanup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Cleanup: from n/a through = 1.9.2...

kernel: workqueue: Put the pwq after detaching the rescuer from the pool

A vulnerability was found in the Linux kernel's work queue subsystem, which manages background task execution. The issue stems from improper handling of the "rescuer" thread during the cleanup of unbound work queues...

EUVD-2021-23668

Malware in sbrugna...

EUVD-2023-32785

Malicious code in bioql PyPI...

EUVD-2023-2737

Malicious code in bioql PyPI...

EUVD-2024-16112

Malicious code in bioql PyPI...

EUVD-2022-28146

Malicious code in bioql PyPI...

WordPress plugin SB Breadcrumbs 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2022-50000

CVE-2022-50000 affects the Linux kernel netfilter flowtable cleanup. The issue arises when a flow table entry has pending hardware stats/add work; in that case HW delete work is skipped, causing a race between software/ hardware cleanup and potentially a use-after-free during flowtable teardown. ...

CVE-2023-29184

CVE-2023-29184 describes an incomplete cleanup (CWE-459) vulnerability affecting Fortinet FortiOS and FortiProxy. Affected: FortiOS 7.2 all versions and earlier, and FortiProxy 7.2.0–7.2.2 and before 7.0.8. Exploitation allows a VDOM-privileged attacker to silently add SSH key files via crafted C...

CVE-2021-22428

There is an Incomplete Cleanup Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass...

CVE-2020-13451

An incomplete-cleanup vulnerability in the Office rendering engine of Gotenberg through 6.2.1 allows an attacker to overwrite LibreOffice configuration files and execute arbitrary code via macros...

CLSA-2025-1741286028 Fix CVE(s): CVE-2023-42795

SECURITY UPDATE: Incomplete Cleanup vulnerability in Tomcat - debian/patches/CVE-2023-42795.patch: Improve handling of failures during recycle methods - CVE-2023-42795...

CVE-2024-57975 btrfs: do proper folio cleanup when run_delalloc_nocow() failed

In the Linux kernel, the following vulnerability has been resolved: btrfs: do proper folio cleanup when rundelallocnocow failed BUG With CONFIGDEBUGVM set, test case generic/476 has some chance to crash with the following VMBUGONFOLIO: BTRFS error device dm-3: cowfilerange failed, start 1146880 e...

CVE-2022-49295 nbd: call genl_unregister_family() first in nbd_cleanup()

In the Linux kernel, the following vulnerability has been resolved: nbd: call genlunregisterfamily first in nbdcleanup Otherwise there may be race between module removal and the handling of netlink command, which can lead to the oops as shown below: BUG: kernel NULL pointer dereference, address:...

Windows Setup Files Cleanup Elevation of Privilege Vulnerability

...

CVE-2025-0473 Incomplete Cleanup vulnerability in PMB platform

Vulnerability in the PMB platform that allows an attacker to persist temporary files on the server, affecting versions 4.0.10 and above. This vulnerability exists in the file upload functionality on the ‘/pmb/authorities/import/iimportauthorities’ endpoint. When a file is uploaded via this...