3914 matches found
CVE-2025-9074
CVE-2025-9074 : Docker Desktop exposes the Docker Engine API on the internal subnet (example: 192.168.65.7:2375) without authentication, enabling a container to create a privileged container that mounts host filesystem access. Public writeups and exploits in the connected literature demonstrate a...
PT-2025-34057
Name of the Vulnerable Software and Affected Versions Docker Desktop versions prior to 4.44.3 Description A flaw in the container isolation mechanism of Docker Desktop for Windows and macOS allows local Linux containers to gain unauthenticated access to the Docker Engine API via the configured...
VulnCheck KEV: CVE-2023-34105
SRS is a real-time video server supporting RTMP, WebRTC, HLS, HTTP-FLV, SRT, MPEG-DASH, and GB28181. Prior to versions 5.0.157, 5.0-b1, and 6.0.48, SRS's api-server server is vulnerable to a drive-by command injection. An attacker may send a request to the /api/v1/snapshots endpoint containing an...
CVE-2025-54703
Cross-Site Request Forgery CSRF vulnerability in princeahmed Integrate Google Drive integrate-google-drive allows Cross Site Request Forgery.This issue affects Integrate Google Drive: from n/a through = 1.5.2...
Malicious code in test-mlw2-drive-parer (npm)
The package test-mlw2-drive-parer was found to contain malicious code...
MAL-2025-35231 Malicious code in test-mlw2-drive-parer (npm)
The package test-mlw2-drive-parer was found to contain malicious code...
CVE-2025-54703
Cross-Site Request Forgery CSRF vulnerability in princeahmed Integrate Google Drive integrate-google-drive allows Cross Site Request Forgery.This issue affects Integrate Google Drive: from n/a through = 1.5.2...
CVE-2025-54703 WordPress Integrate Google Drive Plugin plugin <= 1.5.2 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Prince Integrate Google Drive allows Cross Site Request Forgery. This issue affects Integrate Google Drive: from n/a through 1.5.2...
CVE-2025-54703
CVE-2025-54703 is a CSRF vulnerability affecting WordPress plugin Integrate Google Drive (aka Prince Integrate Google Drive) up to version 1.5.2. The issue allows CSRF actions by authenticated users; CVSS 3.1 base score is 4.3 (Medium). Affected product/version: Integrate Google Drive for WordPre...
CVE-2025-54703 WordPress Integrate Google Drive plugin <= 1.5.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in princeahmed Integrate Google Drive integrate-google-drive allows Cross Site Request Forgery.This issue affects Integrate Google Drive: from n/a through = 1.5.2...
PT-2025-33255 · Unknown · Prince Integrate Google Drive
Name of the Vulnerable Software and Affected Versions: Prince Integrate Google Drive versions through 1.5.2 Description: A Cross-Site Request Forgery CSRF issue exists in Prince Integrate Google Drive, allowing attackers to perform actions on behalf of authenticated users. Recommendations: Update...
WordPress plugin Integrate Google Drive 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
EulerOS 2.0 SP13 : kernel (EulerOS-SA-2025-1993)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : RDMA/core: Silence oversized kvmalloc warningCVE-2025-37867 igb: revert rtnllock that causes deadlockCVE-2023-53060 bnxten: Avoid order-5 memory...
CVE-2025-7050
The Use-your-Drive | Google Drive plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter in file metadata in all versions up to, and including, 3.3.1 due to insufficient input sanitization and output escaping. This makes it possible for...
Linux Distros Unpatched Vulnerability : CVE-2025-22020
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - memstick: rtsxusbms: Fix slab-use-after-free in rtsxusbmsdrvremove This fixes the following crash:...
A Single Poisoned Document Could Leak ‘Secret’ Data Via ChatGPT
Security researchers found a weakness in OpenAI’s Connectors, which let you hook up ChatGPT to other services, that allowed them to extract data from a Google Drive without any user interaction...
ClickFix Malware Campaign Exploits CAPTCHAs to Spread Cross-Platform Infections
A combination of propagation methods, narrative sophistication, and evasion techniques enabled the social engineering tactic known as ClickFix to take off the way it did over the past year, according to new findings from Guardio Labs. "Like a real-world virus variant, this new 'ClickFix ' strain...
CVE-2025-7050
CVE-2025-7050 affects Use-your-Drive | Google Drive plugin for WordPress (versions
CVE-2025-7050 Use-your-Drive | Google Drive plugin for WordPress <= 3.3.1- Unauthenticated Stored Cross-Site Scripting via File Metadata
The Use-your-Drive | Google Drive plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter in file metadata in all versions up to, and including, 3.3.1 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-7050 Use-your-Drive | Google Drive plugin for WordPress <= 3.3.1- Unauthenticated Stored Cross-Site Scripting via File Metadata
The Use-your-Drive | Google Drive plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter in file metadata in all versions up to, and including, 3.3.1 due to insufficient input sanitization and output escaping. This makes it possible for...