7704 matches found
WordPress plugin WordPress Ajax Load More and Infinite Scroll cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...
PT-2025-24043 · WordPress · Ajax Load More/Infinite Scroll
Name of the Vulnerable Software and Affected Versions: Ajax Load More and Infinite Scroll plugin for WordPress versions up to, and including, 1.6.0 Description: The issue is related to Stored Cross-Site Scripting via the id parameter due to insufficient input sanitization and output escaping. Thi...
firefox: thunderbird: Script element events leaked cross-origin resource status
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Script elements loading cross-origin resources generate load and error events which can leak information enabling XS-Leaks attacks...
SUSE CVE-2025-40909
Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any...
PT-2025-23901 · Radare2 · Radare2
Name of the Vulnerable Software and Affected Versions: Radare2 version 5.9.9 Description: A problematic vulnerability was found in the function cons stack load in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack must...
Radare2 buffer error vulnerability
Radare2 is a Libre reverse framework for Unix geeks open-sourced by Radare. A buffer error vulnerability exists in Radare2 version 5.9.9, which stems from the mishandling of the parameter -T by the function consstackload in the component radare2, which could lead to memory corruption...
Slow initial page load when connecting to Storefront after upgrading to 2411/2503
After installing StoreFront 2411/2503, users connecting to the landing page for a Storefront Store (i.e. https://example.com/Citrix/XenAppWeb) experience a 6 second delay before the logon page fully loads...
NetScaler-13.1-How to limit the IP subnets to access LB vServer with responder policy in NetScaler?
How to allow only specified IP subnets to access LB virtual server with responder policy in NetScaler?...
CVE-2025-47952
Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. Prior to versions 2.11.25 and 3.4.1, there is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backend using a...
Scaling DeFi with ZK Rollups: Design, Deployment, and Evaluation of a Real-Time Proof-Of-Concept
Ethereum's scalability limitations pose significant challenges for the adoption of decentralized applications (dApps). Zero-Knowledge Rollups (ZK Rollups) present a promising solution, bundling transactions off-chain and submitting validity proofs on-chain to enhance throughput and efficiency. In thi...
CVE-2025-47952 Traefik allows path traversal using url encoding
Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. Prior to versions 2.11.25 and 3.4.1, there is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backend using a...
[SECURITY] Fedora 41 Update: dnsdist-1.9.10-1.fc41
dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic...
[SECURITY] Fedora 42 Update: dnsdist-1.9.10-1.fc42
dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic...
Malicious code in process-load (npm)
Source: ghsa-malware ca9b7f021303c59709dfd4a00e08e0c293215fade24f655e4fe0ff057ef40d4c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
NetScaler-How to return a customized error page when the LB is Out Of Service
How to return a customized error page when the LB is Out Of Service in NetScaler...