8 matches found
Unity Linux 20.1070e Security Update: springframework (UTSA-2025-680594)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680594 advisory. In Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a...
WordPress plugin Order Splitter for WooCommerce SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...
CVE-2024-53406
Espressif Esp idf v5.3.0 is vulnerable to Insecure Permissions resulting in Authentication bypass. In the reconnection phase, the device reuses the session key from a previous connection session, creating an opportunity for attackers to execute security bypass attacks...
CVE-2024-13794
The WP Ghost Hide My WP Ghost – Security & Firewall plugin for WordPress is vulnerable to Login Page Disclosure in all versions up to, and including, 5.3.02. This is due to the plugin not properly restricting the /wp-register.php path. This makes it possible for unauthenticated attackers to...
PT-2024-18761 · Samsung · Samsung Data Store
Name of the Vulnerable Software and Affected Versions: Samsung Data Store versions prior to 5.3.00.4 Description: The issue is related to improper access control in Samsung Data Store, allowing local attackers to launch arbitrary activities with the privilege of Samsung Data Store. Recommendation...
Thycotic Password Reset Server Information Disclosure Vulnerability
Thycotic Password Reset Server is a password reset server from Thycotic, U.S.A. A security vulnerability exists in versions of Thycotic Password Reset Server prior to 5.3.0, which stems from the password reset server allowing credentials to be exposed. An attacker could exploit the vulnerability ...
IBM Elastic Storage Server Spectrum Scale Denial of Service Vulnerability (CNVD-2020-52392)
IBM Spectrum Scale is a scalable data and file management solution from IBM USA based on IBM GPFS, an enterprise file management system optimized for petabyte-scale storage management. The product helps clients reduce storage costs while improving security and management efficiency in...
Cisco ACE 4710 Application Control Engine Command Injection Vulnerability
Cisco ACE 4710 Application Control Engine is part of the ACE application switch series from Cisco (United States), a load balancing and application delivery solution used to increase the security and stability of data center applications. A command injection vulnerability exists in the Cisco AC...