4173 matches found
CVE-2025-13786
A vulnerability was detected in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Impacted is the function fetch of the file /index.php. Performing manipulation of the argument content results in code injection. It is possible to initiate the attack remotely. The exploit is now public...
PUB-A-421250936
In PrepareWorkloadBuffers of gxpmainactor.cc, there is a possible double fetch due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2025-199928
A vulnerability was detected in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Impacted is the function fetch of the file /index.php. Performing manipulation of the argument content results in code injection. It is possible to initiate the attack remotely. The exploit is now public...
CVE-2025-13786
A vulnerability was detected in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Impacted is the function fetch of the file /index.php. Performing manipulation of the argument content results in code injection. It is possible to initiate the attack remotely. The exploit is now public...
CVE-2025-13786 taosir WTCMS index.php fetch code injection
A vulnerability was detected in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Impacted is the function fetch of the file /index.php. Performing manipulation of the argument content results in code injection. It is possible to initiate the attack remotely. The exploit is now public...
CVE-2025-13786 taosir WTCMS index.php fetch code injection
A vulnerability was detected in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Impacted is the function fetch of the file /index.php. Performing manipulation of the argument content results in code injection. It is possible to initiate the attack remotely. The exploit is now public...
CVE-2025-13786
CVE-2025-13786 affects taosir WTCMS. The vulnerability is in the fetch function of /index.php, where manipulation of the content parameter leads to code injection. Impact is remote execution with high severity; exploit publicly available. The product uses a rolling release, and the reports do not...
PT-2025-48388
Name of the Vulnerable Software and Affected Versions taosir WTCMS affected versions not specified Description A code injection issue exists in the fetch function of the /index.php file. Manipulation of the content argument can lead to code injection, and the attack can be initiated remotely. The...
CVE-2025-13380
The AI Engine for WordPress: ChatGPT, GPT Content Generator plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.0.1. This is due to insufficient validation of user-supplied file paths in the 'lqdaiupdatepost' AJAX endpoint and the use of filegetconten...
JLSEC-2025-265 Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_d...
Null source pointer passed as an argument to memcpy function within TIFFFetchNormalTag in tifdirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file...
JLSEC-2025-260 Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_d...
Null source pointer passed as an argument to memcpy function within TIFFFetchStripThing in tifdirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712...
Malicious code in @voiceflow/fetch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae935a1a5c4c3792b0a6e51cfeca10ee5d11192e0928bf28ac3fd58ce89c24b7 The package @voiceflow/fetch was found to contain malicious code. Source: ghsa-malware 18354d00f52198c519ac2adf8360486ea1817d9cd1e577fe147eaff0d7633f...
MAL-2025-191348 Malicious code in @voiceflow/fetch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae935a1a5c4c3792b0a6e51cfeca10ee5d11192e0928bf28ac3fd58ce89c24b7 The package @voiceflow/fetch was found to contain malicious code. Source: ghsa-malware 18354d00f52198c519ac2adf8360486ea1817d9cd1e577fe147eaff0d7633f...
EUVD-2025-199414
Malicious code in @voiceflow/fetch npm...
EUVD-2025-199046
Malicious code in react-native-fetch npm...
MAL-2025-190997 Malicious code in react-native-fetch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b96159f9c8f74a56ea1f03322401befd0e090840e21dff7d1cc37db649e8cd58 The package react-native-fetch was found to contain malicious code. Source: ghsa-malware...
Malicious code in react-native-fetch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b96159f9c8f74a56ea1f03322401befd0e090840e21dff7d1cc37db649e8cd58 The package react-native-fetch was found to contain malicious code. Source: ghsa-malware...
Malicious code in react-native-retriable-fetch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7a3d5e2b867c8c149b9f1a79751ad5cfa9699fe24ec38d49770f9f80a37b3aa The package react-native-retriable-fetch was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199039
Malicious code in react-native-retriable-fetch npm...
MAL-2025-191004 Malicious code in react-native-retriable-fetch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7a3d5e2b867c8c149b9f1a79751ad5cfa9699fe24ec38d49770f9f80a37b3aa The package react-native-retriable-fetch was found to contain malicious code. Source: ghsa-malware...