CVE-2026-40745

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in bdthemes Element Pack Elementor Addons bdthemes-element-pack-lite allows Blind SQL Injection.This issue affects Element Pack Elementor Addons: from n/a through = 8.4.2...

WordPress plugin Element Pack Elementor Addons 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. There is a...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: mysql (UTSA-2025-984871)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984871 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior an...

September 9, 2025—KB5065427 (OS Build 14393.8422)

September 9, 2025—KB5065427 OS Build 14393.8422 Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if not updat...

mysql: Optimizer unspecified vulnerability (CPU Oct 2024)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

Six Apart Movable Type 跨站脚本漏洞

Six Apart Movable Type is an application from Six Apart USA. It provides features such as multiple users, comments, references TrackBack, themes, etc. The vulnerability is caused by a cross-site scripting vulnerability in Six Apart Movable Type prior to version 8.4.2. A cross-site scripting...

AZL-50384 CVE-2024-21213 affecting package mysql for versions less than 8.0.40-1

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server execute...

AZL-50591 CVE-2024-21194 affecting package mysql for versions less than 8.0.40-1

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...

CVE-2024-31368

Missing Authorization vulnerability in PenciDesign Soledad.This issue affects Soledad: from n/a through 8.4.2...

CVE-2024-31369

Cross-Site Request Forgery CSRF vulnerability in PenciDesign Soledad.This issue affects Soledad: from n/a through 8.4.2...

Frrouting frr-bgpd 安全漏洞

Frrouting frr-bgpd is a Frrouting open source freeware for implementing and managing various IPv4 and IPv6 routing protocols. A security vulnerability exists in Frrouting frr-bgpd version v.8.4.2, which originated from a vulnerability that allows remote attackers to cause a denial of service via...

CVE-2019-20413

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service DoS vulnerability on the UserPickerBrowser.jspa page. The affected versions are before version 7.13.9, and from version 8.0.0 before 8.4.2...

PT-2022-4365 · Qpdf +3 · Qpdf +3

Name of the Vulnerable Software and Affected Versions: QPDF version v8.4.2 Description: The issue is related to a heap buffer overflow via the function QPDF::processXRefStream. This allows attackers to cause a Denial of Service DoS via a crafted PDF file. The vulnerability is associated with the...