4510 matches found

Cvelist
added 2025/08/20 8:3 a.m., 9 views

CVE-2025-48302 WordPress FundEngine Plugin <= 1.7.4 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Roxnor FundEngine wp-fundraising-donation allows PHP Local File Inclusion. This issue affects FundEngine: from n/a through <= 1.7.4...

CVSS 7.5, EPSS 0.00462
Exploits: 0, References: 1

CVE
added 2025/08/20 8:3 a.m., 20 views

CVE-2025-54017

CVE-2025-54017 is a PHP Local File Inclusion in the WordPress plugin Paid Member Subscriptions (vulnerable up to 2.15.4). The root cause is improper control of include/require filenames, enabling local file inclusion. The vulnerability is rated high (CVSS 3.1 base 7.5) with network access, high i...

CVSS 7.5, AI score 5.9, EPSS 0.00417
Exploits: 0, References: 1

AlpineLinux
added 2025/08/20 1:15 a.m., 4 views

CVE-2025-9132

Out of bounds write in V8 in Google Chrome prior to 139.0.7258.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVSS 8.8, AI score 7, EPSS 0.02954
Exploits: 0, References: 2

Cvelist
added 2025/08/20 12:41 a.m., 9 views

CVE-2025-9132

Out of bounds write in V8 in Google Chrome prior to 139.0.7258.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

EPSS 0.02954
Exploits: 0, References: 2

Positive Technologies
added 2025/08/20 12:0 a.m., 2 views

PT-2025-33919 · Caliris +1 · Caliris +1

Name of the Vulnerable Software and Affected Versions: Caliris versions not specified through 1.5
Description: This issue involves an improper control of filename for include/require statements in PHP programs, specifically a PHP Local File Inclusion in CocoBasic Caliris.
Recommendations: At the...

CVSS 8.1, AI score 6.3, EPSS 0.00484
Exploits: 0, References: 3

CNNVD
added 2025/08/20 12:0 a.m., 2 views

Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Security Vulnerability

Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure are both products of Cisco, Inc. Cisco Evolved Programmable Network Manager is a network management Cisco Prime Infrastructure is a software application used to simplify the management of wireless and wired networks. Cisco...

CVSS 6.5, AI score 6.7, EPSS 0.00386
Exploits: 0, References: 5

Positive Technologies
added 2025/08/20 12:0 a.m., 4 views

PT-2025-34046 · Tenda · Tenda Ac6

Name of the Vulnerable Software and Affected Versions: Tenda AC6 version V5.0 V02.03.01.110
Description: An authentication bypass exists in the HTTP authentication functionality. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send packets to trigger this...

CVSS 9.8, AI score 7.1, EPSS 0.01985
Exploits: 0, References: 3

Tenable Nessus
added 2025/08/20 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2020-10719

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an...

CVSS 6.5, AI score 6.7, EPSS 0.01005
Exploits: 0, References: 2

Tenable Nessus
added 2025/08/20 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2017-5117

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Linux and Windows allowed a remote attacker to obtain potentially sensitive...

CVSS 6.5, AI score 7.3, EPSS 0.01709
Exploits: 0, References: 2

CNNVD
added 2025/08/20 12:0 a.m., 2 views

Tenda AC6 Security Vulnerability

Tenda AC6 is a dual-band wireless router from Tenda that supports IPv4 and IPv6 protocols and utilizes the 802.11ac/n wireless standard to provide a wireless transmission rate of 1167Mbps. The Tenda AC6 suffers from an authentication bypass vulnerability, which stems from a bypass problem in the...

CVSS 9.8, AI score 7.5, EPSS 0.01985
Exploits: 0, References: 2

Positive Technologies
added 2025/08/20 12:0 a.m., 6 views

PT-2025-34031 · Jetbrains · Intellij Idea

Name of the Vulnerable Software and Affected Versions: JetBrains IntelliJ IDEA versions prior to 2025.2
Description: An HTML injection issue was possible through the Remote Development feature.
Recommendations: Update JetBrains IntelliJ IDEA to version 2025.2 or later...

CVSS 5.2, AI score 6.7, EPSS 0.00396
Exploits: 0, References: 5

Positive Technologies
added 2025/08/20 12:0 a.m., 5 views

PT-2025-34049 · Tenda · Tenda Ac6

Name of the Vulnerable Software and Affected Versions: Tenda AC6 versions V02.03.01.110
Description: A stack-based buffer overflow exists in the Cloud API functionality. A specially crafted HTTP response can lead to arbitrary code execution. An attacker can send an HTTP response to trigger this...

CVSS 9.8, AI score 7.2, EPSS 0.00641
Exploits: 0, References: 5

Tenable Nessus
added 2025/08/20 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2018-6093

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient origin checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVSS 6.5, AI score 7.4, EPSS 0.01597
Exploits: 0, References: 2

Tenable Nessus
added 2025/08/20 12:0 a.m., 9 views

Linux Distros Unpatched Vulnerability : CVE-2021-31807

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when deliveri...

CVSS 6.5, AI score 7, EPSS 0.15972
Exploits: 2, References: 2

Tenable Nessus
added 2025/08/20 12:0 a.m., 1 view

Linux Distros Unpatched Vulnerability : CVE-2022-1259

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the...

CVSS 7.5, AI score 6.7, EPSS 0.01175
Exploits: 0, References: 2

Tenable Nessus
added 2025/08/20 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2018-17471

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect dialog placement in WebContents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML...

CVSS 4.3, AI score 6.7, EPSS 0.0139
Exploits: 0, References: 2

Tenable Nessus
added 2025/08/20 12:0 a.m., 6 views

RHEL 8 : tomcat (RHSA-2025:14182)

The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14182 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fixes: tomcat: Apache Tomcat DoS ...

CVSS 7.5, AI score 7.7, EPSS 0.63258
Exploits: 1, References: 16

AlmaLinux
added 2025/08/20 12:0 a.m., 6 views

Important: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fixes: tomcat: Apache Tomcat DoS in multipart upload (CVE-2025-48988); tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources (CVE-2025-49125); apache-commons-fileupload: Apache...

CVSS 7.5, AI score 7.4, EPSS 0.63258
Exploits: 1, References: 16

RedHat Linux
added 2025/08/19 1:50 p.m., 4 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.15.6.SP1 security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

CVSS 8.2, AI score 6.9, EPSS 0.0095
Exploits: 1, References: 5

GithubExploit
added 2025/08/19 11:50 a.m., 444 views

Exploit for CVE-2025-8723

⚡️ Cloudflare Image Resizing Description: The plugin'...

CVSS 9.8, AI score 8.2, EPSS 0.14009
Exploits: 1