15 matches found
CVE-2025-69301
Deserialization of Untrusted Data vulnerability in ThemeGoods PhotoMe photome allows Object Injection.This issue affects PhotoMe: from n/a through = 5.6.11...
CVE-2025-69301 WordPress PhotoMe theme <= 5.6.11 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in ThemeGoods PhotoMe photome allows Object Injection.This issue affects PhotoMe: from n/a through = 5.6.11...
CVE-2025-69301
CVE-2025-69301 describes a PHP object injection due to deserialization of untrusted data in the PhotoMe WordPress theme (Theme PhotoMe/photome). Affected: PhotoMe versions n/a through 5.6.11. Root cause: deserialization of untrusted data enabling object injection. Impact (per CVSS 3.1): high conf...
WordPress Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin <= 5.6.11 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Element Pack Elementor Addons versions = 5.6.11...
PT-2026-2056
Name of the Vulnerable Software and Affected Versions Samsung Cloud versions prior to 5.6.11 Description A flaw exists in Samsung Cloud that involves improper handling of insufficient permissions. This allows local attackers to access specific files in arbitrary paths. Recommendations Update...
SUSE CVE-2013-3806
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3811...
SUSE CVE-2013-3807
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Server Privileges...
SUSE CVE-2013-3810
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA Transactions...
SUSE CVE-2013-3811
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3806...
SUSE CVE-2013-5770
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking...
SUSE CVE-2020-12771
An issue was discovered in the Linux kernel through 5.6.11. btreegccoalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails...
Nagios XI Cross-Site Scripting Vulnerability (CNVD-2020-19531)
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A cross-site scripting vulnerability exists in Nagios XI version 5.6.11. The vulnerability stems from the...
Nagios XI Cross-Site Scripting Vulnerability (CNVD-2020-19533)
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A cross-site scripting vulnerability exists in Nagios XI version 5.6.11. The vulnerability stems from the...
CVE-2020-10821
Nagios XI 5.6.11 allows XSS via the account/main.php theme parameter...
CVE-2013-3811
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3806...