11 matches found
CVE-2025-57713
CVE-2025-57713 concerns QNAP File Station 5. The weakness is a weak authentication mechanism that could allow remote attackers to obtain sensitive information. Disclosed across multiple sources, with a fix released in File Station 5 5.5.6.5166 and later; affected versions prior to this may be vul...
EUVD-2025-205459
FastMCP updated to MCP 1.23+ due to CVE-2025-66416...
WordPress plugin ProfileGrid security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in th...
DEBIAN-CVE-2023-34246
Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to version 5.6.6, Doorkeeper automatically processes authorization requests without user consent for public clients that have been previous approved. Public clients are inherently vulnerable to impersonation, their identity cannot...
PT-2023-24770 · Unknown +2 · Doorkeeper +2
Name of the Vulnerable Software and Affected Versions: Doorkeeper versions prior to 5.6.6 Description: The issue concerns Doorkeeper, an OAuth 2 provider for Ruby on Rails and Grape, which automatically processes authorization requests without user consent for public clients that have been...
SUSE CVE-2018-3817
When logging warnings regarding deprecated settings, Logstash before 5.6.6 and 6.x before 6.1.2 could inadvertently log sensitive information...
SUSE CVE-2022-0849
Use After Free in rreggetnameidx in GitHub repository radareorg/radare2 prior to 5.6.6...
WordPress plugin Booster for WooCommerce 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
CVE-2020-7315
DLL Injection Vulnerability in McAfee Agent MA for Windows prior to 5.6.6 allows local users to execute arbitrary code via careful placement of a malicious DLL...
CVE-2018-9193
A researcher has disclosed several vulnerabilities against FortiClient for Windows version 6.0.5 and below, version 5.6.6, the combination of these vulnerabilities can turn into an exploit chain, which allows a user to gain system privileges on Microsoft Windows...
Elasticsearch Kibana Cross-Site Scripting Vulnerability
Elasticsearch Kibana formerly known as elasticsearch-dashboard is a suite of open-source, browser-based analytics and search Elasticsearch dashboard tools from the Dutch company Elasticsearch. A cross-site scripting vulnerability exists in Elasticsearch Kibana versions 5.6.6 and 6.1.2, which stem...