CVE-2025-8996 Layout Builder Advanced Permissions - Moderately critical - Access bypass - SA-CONTRIB-2025-097

Missing Authorization vulnerability in Drupal Layout Builder Advanced Permissions allows Forceful Browsing.This issue affects Layout Builder Advanced Permissions: from 0.0.0 before 2.2.0...

CVE-2025-6715

The LatePoint WordPress plugin before 5.1.94 is vulnerable to Local File Inclusion via the layout parameter. This makes it possible for attackers to include and execute PHP files on the server, allowing the execution of any PHP code in those files...

Drupal Layout Builder Advanced Permissions 安全漏洞

Drupal Layout Builder Advanced Permissions is a permission control extension for the Drupal community. A security vulnerability exists in Drupal Layout Builder Advanced Permissions versions prior to 2.2.0, which stems from a lack of authorization and could lead to forced browsing...

PT-2025-33501 · Drupal · Drupal Layout Builder Advanced Permissions

Name of the Vulnerable Software and Affected Versions: Drupal Layout Builder Advanced Permissions versions 0.0.0 through 2.1.9 Description: Missing authorization allows forceful browsing in Drupal Layout Builder Advanced Permissions. Recommendations: Update to version 2.2.0 or later...

Linux Distros Unpatched Vulnerability : CVE-2019-1010024

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE:...

Malicious code in additor-react-grid-layout (npm)

The package additor-react-grid-layout was found to contain malicious code...

Malicious code in d3plus-layout (npm)

The package d3plus-layout was found to contain malicious code...

Malicious code in encrypt-layout-helper (npm)

The package encrypt-layout-helper was found to contain malicious code...

Malicious code in layout-experimental (npm)

The package layout-experimental was found to contain malicious code...

Malicious code in respace-ui-layout (npm)

The package respace-ui-layout was found to contain malicious code...

Malicious code in responsive-layout (npm)

The package responsive-layout was found to contain malicious code...

MAL-2025-24995 Malicious code in layout-experimental (npm)

The package layout-experimental was found to contain malicious code...

MAL-2025-14076 Malicious code in additor-react-grid-layout (npm)

The package additor-react-grid-layout was found to contain malicious code...

MAL-2025-19644 Malicious code in encrypt-layout-helper (npm)

The package encrypt-layout-helper was found to contain malicious code...

MAL-2025-17912 Malicious code in d3plus-layout (npm)

The package d3plus-layout was found to contain malicious code...

MAL-2025-32149 Malicious code in respace-ui-layout (npm)

The package respace-ui-layout was found to contain malicious code...

MAL-2025-32151 Malicious code in responsive-layout (npm)

The package responsive-layout was found to contain malicious code...

CVE-2025-20148

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document. This vulnerability is due to improper validation of user-supplied data. An...

CVE-2025-20148

CVE-2025-20148 affects Cisco Secure Firewall Management Center (FMC) Web UI. The flaw arises from improper validation of user-supplied data, enabling an authenticated attacker (requires at least a Security Analyst, Read Only) to inject arbitrary HTML into device-generated documents. Consequences ...

DRUPAL-CONTRIB-2025-097

The Layout Builder Advanced Permissions module enables you to have fine grained control over who can do what in editing pages built with Layout Builder. The module doesn't sufficiently control access for adding sections in the submodule. This vulnerability is mitigated by the fact that an attacke...