39 matches found
CVE-2026-42748
Unrestricted Upload of File with Dangerous Type vulnerability in WPify WPify Woo Czech wpify-woo allows Upload a Web Shell to a Web Server.This issue affects WPify Woo Czech: from n/a through = 5.4.1...
eLabFTW 安全漏洞
eLabFTW is an open-source experimental data hosting platform developed by eLabFTW. This platform runs on the Linux system and supports the storage of various types of objects. Versions of eLabFTW 5.4.1 and earlier contain security vulnerabilities. These vulnerabilities stem from the login process...
CVE-2026-6741 LatePoint <= 5.4.1 - Authenticated (Agent+) Privilege Escalation to Administrator via 'connect-customer-to-wp-user' Ability
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 5.4.1. This is due to a missing authorization check in the execute method of the connect-customer-to-wp-user ability, which only requires...
SUSE CVE-2026-28364
In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization runtime/intern.c enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock function, which performs unbounded memcpy operation...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003798)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003798 advisory. The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58...
Security Bulletin: IBM Maximo Application Suite uses java 17.0.13,github.com/go-viper/mapstructure/v2 v2.2.1 and github.com/docker/docker v27.3.1 which is vulnerable to GHSA-2464-8j7c-4cjm,CVE-2025-21502 and CVE-2025-54410
Summary IBM Maximo Application Suite uses java 17.0.13,github.com/go-viper/mapstructure/v2 v2.2.1 and github.com/docker/docker v27.3.1 which is vulnerable to GHSA-2464-8j7c-4cjm,CVE-2025-21502 and CVE-2025-54410. This bulletin contains information regarding the vulnerability and its fixture...
CVE-2023-53931
Revive Adserver 5.4.1 is affected by a cross-site scripting (XSS) vulnerability in the banner-advanced.php endpoint. The issue arises from unsanitized input passed via the prepend and append parameters, enabling an attacker to inject and execute arbitrary JavaScript when an administrator views th...
CVE-2017-20210
Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR mining programs identified by internal research...
CVE-2017-20210 Photo Station
Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR mining programs identified by internal research...
EUVD-2025-38090
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Composer td-composer.This issue affects tagDiv Composer: from n/a through = 5.4.1...
EUVD-2025-38091
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Composer td-composer.This issue affects tagDiv Composer: from n/a through = 5.4.1...
CVE-2025-62030
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Composer td-composer.This issue affects tagDiv Composer: from n/a through = 5.4.1...
CVE-2025-62031
CVE-2025-62031 is a Cross-Site Scripting (XSS) vulnerability in WordPress plugin tagDiv Composer, affecting versions up to and including 5.4.1. The issue arises from improper neutralization of input during web page generation. According to the sources, this can impact the affected software’s conf...
CVE-2025-62030
The CVE-2025-62030 entry applies to WordPress tagDiv Composer (td-composer) and describes an improper neutralization of input during web page generation, i.e., a Cross-Site Scripting (XSS) vulnerability affecting tagDiv Composer versions through 5.4.1. The Red Hat ENISA and NVD records corroborat...
CVE-2025-62030 WordPress tagDiv Composer plugin <= 5.4.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Composer td-composer.This issue affects tagDiv Composer: from n/a through = 5.4.1...
WordPress plugin tagDiv Composer 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...
CVE-2025-12005 WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress <= 8.5.41 - Improper Authorization to Authenticated (Contributor+) Plugin Settings Update
The WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress plugin for WordPress is vulnerable to unauthorized access of data in all versions up to, and including, 8.5.41. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-7754-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7754-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
CVE-2024-54514
The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2. An app may be able to break out of its sandbox...
WordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 5.4.1 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory vulnerability
Unauthenticated Sensitive Information Exposure Through Unprotected Directory vulnerability discovered by Tim Coen in WordPress Plugin Print Invoice & Delivery Notes for WooCommerce versions = 5.4.1...