11 matches found
MiracleLinux 9 : kernel-5.14.0-70.30.1.el9_0 (AXSA:2023-5105:05)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5105:05 advisory. posix cpu timer use-after-free may lead to local privilege escalation (CVE-2022-2585). Unprivileged users may use PTRACE_SEIZE to set...
SUSE CVE-2025-59431
MapServer is a system for developing web-based GIS applications. Prior to 8.4.1, the XML Filter Query directive PropertyName is vulnerable to Boolean-based SQL injection. It seems like expression checking is bypassed by introducing double quote characters in the PropertyName. Allowing to manipula...
WordPress plugin MP3 Audio Player for Music, Radio & Podcast by Sonaar security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress ProfileGrid Plugin <= 5.9.4.3 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Phat RiO - Fore-Z co.ltd in WordPress Plugin ProfileGrid versions <= 5.9.4.3...
PT-2024-33052 · Radare2 · Radare2
Name of the Vulnerable Software and Affected Versions: radare2 versions 5.8.0 through 5.9.4 Description: The issue allows a local attacker to cause a denial of service via the bf div function. Recommendations: For radare2 versions 5.8.0 through 5.9.4, consider disabling the bf div function as a...
WordPress Event post plugin <= 5.9.4 - Missing Authorization vulnerability
Missing Authorization vulnerability discovered by Francesco Carlucci in WordPress Plugin Event post versions <= 5.9.4...
PT-2023-25755 · Totolink · Totolink Cp300+
Name of the Vulnerable Software and Affected Versions: TOTOLINK CP300+ versions = V5.2cu.7594 B20200910 Description: A stack overflow issue was discovered in the UploadCustomModule function via the File parameter. Recommendations: For TOTOLINK CP300+ versions = V5.2cu.7594 B20200910, consider...
Ghost Foundation Ghost security vulnerability
Ghost Foundation Ghost is an open source personal blogging system written in JavaScript. A security vulnerability exists in Ghost Foundation Ghost 5.9.4, stemming from an insecure default in the post creation feature. The default installation ...
CVE-2022-36594
creationtimestamp | type | source
---|---|---
2022-09-02 07:38:47+00:00 | seen | https://t.me/cibsecurity/49222...
CVE-2019-17330
The Web server component of TIBCO Software Inc.'s TIBCO EBX contains multiple vulnerabilities that theoretically allow authenticated users to perform stored cross-site scripting XSS attacks, and unauthenticated users to perform reflected cross-site scripting attacks. Affected releases are TIBCO...
CVE-2019-5946
creationtimestamp | type | source
---|---|---
2019-05-17 16:51:32+00:00 | seen | https://t.me/cvemitreorg/41...