88 matches found
CVE-2026-13347
The Hide My WP Lite plugin for WordPress is vulnerable to Arbitrary File Read in versions up to and including 1.3 via the hewrapperjs and hewrappercss query parameters processed by the elementorassetsfilter function. This is due to the function concatenating user-supplied input directly onto...
CVE-2026-13347
The CVE-2026-13347 entry documents an unauthenticated Arbitrary File Read in WordPress Hide My WP Lite (versions ≤ 1.3) via the he_wrapper_js and he_wrapper_css parameters. The vulnerability stems from elementor_assets_filter() concatenating user input onto ABSPATH and passing it to file_get_cont...
CVE-2026-13347
The Hide My WP Lite plugin for WordPress is vulnerable to Arbitrary File Read in versions up to and including 1.3 via the hewrapperjs and hewrappercss query parameters processed by the elementorassetsfilter function. This is due to the function concatenating user-supplied input directly onto...
Malicious code in turbo-he (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1da17bf1f37303e3d91056c1ce674462279861bc896e413f1d262548ff6b3647 The package turbo-he was found to contain malicious code. Source: ghsa-malware 6bd9985ec0cf97c08347814d88b84c1c12cd8f22507a76e2a78cacb06c6840a6 Any...
MAL-2026-2943 Malicious code in turbo-he (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1da17bf1f37303e3d91056c1ce674462279861bc896e413f1d262548ff6b3647 The package turbo-he was found to contain malicious code. Source: ghsa-malware 6bd9985ec0cf97c08347814d88b84c1c12cd8f22507a76e2a78cacb06c6840a6 Any...
Malicious Package
Overview turbo-he is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Linux Distros Unpatched Vulnerability : CVE-2025-68380
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath11k: fix peer HE MCS assignment In ath11kwmisendpeerassoccmd, peer's transmit MCS is sent to firmware as receive MCS while peer's receive MCS sent as...
EUVD-2025-147694
Malicious code in tobrut-he-nubliesp npm...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989972)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989972 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: handle 2x996 RU allocation in cfg80211calculatebitratehe Currently...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990255)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990255 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: handle 2x996 RU allocation in cfg80211calculatebitratehe Currently...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, linkdata/linkconf are dynamically allocated. They don't point to vif-bssconf. So, there will be no chanreq assigned to vif-bssconf an...
EUVD-2017-16608
Malware in sbrugna...
EUVD-2017-16609
Malware in sbrugna...
EUVD-2017-16610
Malware in sbrugna...
Malicious code in storm-he-cassandra-shishi-fenxi (npm)
The package storm-he-cassandra-shishi-fenxi was found to contain malicious code...
MAL-2025-46145 Malicious code in storm-he-cassandra-shishi-fenxi (npm)
The package storm-he-cassandra-shishi-fenxi was found to contain malicious code...
UBUNTU-CVE-2023-4515
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate command request size In commit 2b9b8f3b68ed "ksmbd: validate command payload size", except for SMB2OPLOCKBREAKHE command, the request size of other commands is not checked, it's not expected. Fix it by add check f...
UBUNTU-CVE-2025-38509
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject VHT opmode for unsupported channel widths VHT operating mode notifications are not defined for channel widths below 20 MHz. In particular, 5 MHz and 10 MHz are not valid under the VHT specification and must...
Malicious code in @zalastax/nolb-_he (npm)
The package @zalastax/nolb-he was found to contain malicious code...
CVE-2024-48540
Incorrect access control in XIAO HE Smart 4.3.1 allows attackers to access sensitive information by analyzing the code and data within the APK file...