EUVD-2025-34984

The Kognetiks Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 2.3.5. This makes it possible for unauthenticated attackers to upload limited safe files and erase conversatio...

CVE-2025-11256

The Kognetiks Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 2.3.5. This makes it possible for unauthenticated attackers to upload limited safe files and erase conversatio...

CVE-2025-11256 Kognetiks Chatbot <= 2.3.5 - Missing Authorization to Unauthenticated Limited File Uploads and Conversation Erasing

The Kognetiks Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 2.3.5. This makes it possible for unauthenticated attackers to upload limited safe files and erase conversatio...

EUVD-2023-37079

Malicious code in bioql PyPI...

SAGE: Exploring the Boundaries of Unsafe Concept Domain with Semantic-Augment Erasing

Diffusion models DMs have achieved significant progress in text-to-image generation. However, the inevitable inclusion of sensitive information during pre-training poses safety risks, such as unsafe content generation and copyright infringement. Concept erasing finetunes weights to unlearn...

CVE-2023-32858

In GZ, there is a possible information disclosure due to a missing data erasing. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07806008; Issue ID: ALPS07806008...

Watermark Overwriting Attack on StegaStamp Algorithm

This paper presents an attack method on the StegaStamp watermarking algorithm that completely removes watermarks from an image with minimal quality loss, developed as part of the NeurIPS "Erasing the invisible" competition...

CVE-2022-48726

In the Linux kernel, the following vulnerability has been resolved: RDMA/ucma: Protect mc during concurrent multicast leaves Partially revert the commit mentioned in the Fixes line to make sure that allocation and erasing multicast struct are locked. BUG: KASAN: use-after-free in...

CVE-2023-32858

In GZ, there is a possible information disclosure due to a missing data erasing. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07806008; Issue ID: ALPS07806008...

CVE-2023-32858

In GZ, there is a possible information disclosure due to a missing data erasing. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07806008; Issue ID: ALPS07806008...

Information disclosure

In GZ, there is a possible information disclosure due to a missing data erasing. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07806008; Issue ID: ALPS07806008...

CVE-2023-32858

In GZ, there is a possible information disclosure due to a missing data erasing. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07806008; Issue ID: ALPS07806008...

CVE-2023-32858

The CVE-2023-32858 entry concerns the GZ module (MediaTek context) with a missing data erasing causing local information disclosure. Root cause is not clearly detailed beyond the data erasure gap; the impact states local information disclosure with System execution privileges required, and exploi...

PT-2023-24081 · Gz · Gz

Name of the Vulnerable Software and Affected Versions: GZ affected versions not specified Description: The issue is related to a possible information disclosure due to a missing data erasing in GZ. This could lead to local information disclosure with System execution privileges needed. User...

GHSA-WP2P-Q35G-3RJJ Malicious Package in soket.io

All versions of soket.io are considered malicious. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When executed, the package calls home to a Command and Control server to execute arbitrary commands. Recommendation This...

GHSA-M5P4-7WF9-6W99 Malicious Package in regenrator

All versions of regenrator are considered malicious. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When executed, the package calls home to a Command and Control server to execute arbitrary commands. Recommendation This...

InfraPower PPS-02-S Q213V1 - Unauthenticated Remote Root Command Execution Vulnerability

Exploit for php platform in category web applications InfraPower PPS-02-S Q213V1 Unauthenticated Remote Root Command Execution Vendor: Austin Hughes Electronics Ltd. Product web page: http://www.austin-hughes.com Affected version: Q213V1 Firmware: V2395S Fixed version: Q216V3 Firmware:...

Analysis Shows Traces of Wiper Malware, But No Links to Flame

One of the things about the investigation into the Flame malware that’s remained unclear for several months now is what ever became of the so-called Wiper virus that had been seen erasing data on machines in Iran and that led researchers to eventually discover Flame. No actual samples of Wiper ha...

LulieBlog 1.0.1 (delete id) Remote Admin Bypass Vulnerability

No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- LulieBlog 1.0.1 delete id Remote Admin Bypass Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- bug found by ka0x contact: ka0x01atgmail.com D.O.M TEAM 2008 we are: ka0x,...