2459827 matches found
Cross Site Scripting
Nuxt is vulnerable to cross-site scripting XSS. The vulnerability is due to improper validation of script-capable URLs in the navigateTo open option, where javascript: URLs supplied through user-controlled input are not blocked, allowing attackers to execute arbitrary scripts in the application's...
Exploit for Path Traversal in Rarlab Winrar
Amaranth Project A multi-stage backdoor implantation attack c...
Exploit for Use After Free in Google Chrome
CVE-2026-13036 — Use-After-Free in Blink WidgetBase::UpdateS...
Exploit for Authentication Bypass Using an Alternate Path or Channel in Nvidia Triton_Inference_Server
CVE-2026-24207 / 24206 — NVIDIA Triton Inference Server SageMa...
Exploit for Authentication Bypass Using an Alternate Path or Channel in Nvidia Triton_Inference_Server
CVE-2026-24207 / 24206 — NVIDIA Triton Inference Server SageMa...
Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate Developer Edition
Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate Developer Edition version 2.12.0 Vulnerability Details CVEID:CVE-2026-42578 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's HttpProxyHandl...
EUVD-2025-210347
The Printcart Web to Print Product Designer for WooCommerce WordPress plugin through 2.4.8 is vulnerable to path traversal which makes it possible for the attacker to retrieve the directory listing for arbitrary directories on the server...
CVE-2025-10268
The CVE-2025-10268 entry concerns the Printcart Web to Print Product Designer for WooCommerce WordPress plugin up to version 2.4.8. The vulnerability is a path traversal flaw that allows an attacker to retrieve directory listings for arbitrary server directories. Affected component: the plugin’s ...
CVE-2025-10268 Printcart Web to Print Product Designer for WooCommerce <= 2.4.8 - Unauthenticated Folder Content Disclosure via Path Traversal
The Printcart Web to Print Product Designer for WooCommerce WordPress plugin through 2.4.8 is vulnerable to path traversal which makes it possible for the attacker to retrieve the directory listing for arbitrary directories on the server...
CVE-2026-8380 Frontend File Manager Plugin <= 23.6 - Author+ Arbitrary Post Deletion
The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly verify ownership of every targeted post before permanent deletion, allowing authenticated users with author-level access and above to permanently delete arbitrary posts and pages. When the Frontend File Manager Plugi...
CVE-2026-8380 Frontend File Manager Plugin <= 23.6 - Author+ Arbitrary Post Deletion
The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly verify ownership of every targeted post before permanent deletion, allowing authenticated users with author-level access and above to permanently delete arbitrary posts and pages. When the Frontend File Manager Plugi...
CVE-2026-8380
The CVE-2026-8380 issue affects the Frontend File Manager (nmedia-user-file-uploader) WordPress plugin
EUVD-2026-39626
The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly verify ownership of every targeted post before permanent deletion, allowing authenticated users with author-level access and above to permanently delete arbitrary posts and pages. When the Frontend File Manager Plugi...
CVE-2025-10268 Printcart Web to Print Product Designer for WooCommerce <= 2.4.8 - Unauthenticated Folder Content Disclosure via Path Traversal
The Printcart Web to Print Product Designer for WooCommerce WordPress plugin through 2.4.8 is vulnerable to path traversal which makes it possible for the attacker to retrieve the directory listing for arbitrary directories on the server...
CVE-2026-8380
The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly verify ownership of every targeted post before permanent deletion, allowing authenticated users with author-level access and above to permanently delete arbitrary posts and pages. When the Frontend File Manager Plugi...
CVE-2025-10268
The Printcart Web to Print Product Designer for WooCommerce WordPress plugin through 2.4.8 is vulnerable to path traversal which makes it possible for the attacker to retrieve the directory listing for arbitrary directories on the server...
Malicious Package
Overview wao is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Malicious code in @merceas/cross-fetch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f6307129b7d9edcbd76ffc93c9d8a6ae146332951d5ce90e659afe1eec01127 Package is published under the @merceas scope as cross-fetch and reuses the upstream cross-fetch README, homepage github.com/lquixada/cross-fetch, an...
MAL-2026-6510 Malicious code in @merceas/cross-fetch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f6307129b7d9edcbd76ffc93c9d8a6ae146332951d5ce90e659afe1eec01127 Package is published under the @merceas scope as cross-fetch and reuses the upstream cross-fetch README, homepage github.com/lquixada/cross-fetch, an...
MAL-2026-6509 Malicious code in @merceas/anchor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86a51319de26245ad91c68a6a6d0713454112443e55f466711e79eb1a23a45b8 Package is published as @merceas/anchor but its README, homepage https://github.com/coral-xyz/anchorreadme, repository, and source are a verbatim cop...