246 matches found
CVE-2025-30983
CVE-2025-30983 affects the gopiplus Card flip image slideshow (WordPress plugin) with versions 1.5 and earlier. The vulnerability is DOM-based XSS caused by improper input neutralization during web page generation. Public sources indicate the issue exists and is currently unpatched; no confirmed ...
WordPress plugin Card flip image slideshow 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2025-27890 · Unknown · Gopiplus Card Flip Image Slideshow
Name of the Vulnerable Software and Affected Versions: gopiplus Card flip image slideshow versions 1.5 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based Cross-site Scripting XSS. This means that an attacker cou...
CVE-2025-53285
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in The Website Flip Add & Replace Affiliate Links for Amazon add-replace-affiliate-links-for-amazon allows Stored XSS.This issue affects Add & Replace Affiliate Links for Amazon: from n/a through =...
ObfusBFA: a Holistic Approach to Safeguarding DNNs from Different Types of Bit-Flip Attacks
Bit-flip attacks BFAs represent a serious threat to Deep Neural Networks DNNs, where flipping a small number of bits in the model parameters or binary code can significantly degrade the model accuracy or mislead the model prediction in a desired way. Existing defenses exclusively focus on...
BitHydra: Towards Bit-Flip Inference Cost Attack against Large Language Models
Large language models LLMs have shown impressive capabilities across a wide range of applications, but their ever-increasing size and resource demands make them vulnerable to inference cost attacks, where attackers induce victim LLMs to generate the longest possible output content. In this paper,...
CVE-2024-3675
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Flip Carousel, Flip Box, Post Grid, and Taxonomy List widgets in all versions up to, and including, 1.3.971 due to insufficient input sanitization and output escaping on use...
CVE-2012-6652
Directory traversal vulnerability in pageflipbook.php script from index.php in Page Flip Book plugin for WordPress wppageflip allows remote attackers to include and execute arbitrary local files via a .. dot dot in the pageflipbooklanguage parameter...
Quantum Support Vector Regression for Robust Anomaly Detection
Anomaly Detection AD is critical in data analysis, particularly within the domain of IT security. In recent years, Machine Learning ML algorithms have emerged as a powerful tool for AD in large-scale data. In this study, we explore the potential of quantum ML approaches, specifically quantum kern...
The vulnerability in the structure of nv50_crc_flip_threshold_fops{} within the drivers/gpu/drm/nouveau/dispnv50/crc.c file – a driver for supporting Direct Rendering Infrastructure (DRI) in NVIDIA’s Linux operating system – allows a hacker to trigger a service failure.
The vulnerability in the structure of nv50crcflipthresholdfops in the drivers/gpu/drm/nouveau/dispnv50/crc.c file affects the Nouveau driver that supports Direct Rendering Infrastructure DRI for NVIDIA’s Linux operating system. This vulnerability arises from improper memory release before deletin...
UBUNTU-CVE-2024-51144
Cross Site Request Forgery CSRF vulnerability exists in the 'pvmsg.php?action=addmessage', pvmsg.php?action=confirmdelete , and ajax.server.php?page=user&action=flipfollow endpoints in Ampache = 6.6.0...
CVE-2022-49051
In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Fix out-of-bounds accesses in RX fixup aqc111rxfixup contains several out-of-bounds accesses that can be triggered by a malicious or defective USB device, in particular: - The metadata array...
DEBIAN-CVE-2022-49051
In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Fix out-of-bounds accesses in RX fixup aqc111rxfixup contains several out-of-bounds accesses that can be triggered by a malicious or defective USB device, in particular: - The metadata array...
DEBIAN-CVE-2024-56771
In the Linux kernel, the following vulnerability has been resolved: mtd: spinand: winbond: Fix 512GW, 01GW, 01JW and 02JW ECC information These four chips: W25N512GW W25N01GW W25N01JW W25N02JW all require a single bit of ECC strength and thus feature an on-die Hamming-like ECC engine. There is no...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which originates from improper handling of ECC information on four of Winbond's SPI NAND chips W25N512GW, W25N01GW, W25N01J...
Bit flip attack vulnerability in cookie-encrypter
due to a weakness in the encryption method used in cookie-encrypter an attack can use the world visible IV to edit encrypted cookies without decrypting the cookie itself. This is known as an AES CBC bit flipping attack...
GHSA-H63V-HW6G-X8HP Bit flip attack vulnerability in cookie-encrypter
due to a weakness in the encryption method used in cookie-encrypter an attack can use the world visible IV to edit encrypted cookies without decrypting the cookie itself. This is known as an AES CBC bit flipping attack...
The vulnerability of the DRM/GMA500 components of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the DRM/GMA500 components in Linux operating systems is related to incorrect blocking in the gmacrtcpageflip function. Exploiting this vulnerability can allow a hacker to trigger a service failure...
Juniper Networks Junos OS 安全漏洞
Juniper Networks Junos OS is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS that stems from a heap memory leak...
SUSE CVE-2023-45662
stbimage is a single file MIT licensed library for processing images. When stbisetflipverticallyonload is set to TRUE and reqcomp is set to a number that doesn't match the real number of components per pixel, the library attempts to flip the image vertically. A crafted image file can trigger memc...