624 matches found
WordPress plugin Year Make Model Search for WooCommerce 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress plug...
Projectworlds Student Project Allocation System 注入漏洞
Projectworlds Student Project Allocation System is a student project allocation system from Projectworlds India. Projectworlds Student Project Allocation System version 1.0 suffers from an injection vulnerability that stems from SQL injection due to incorrect manipulation of parameters...
OESA-2025-1516 mariadb security update
MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mariadbd and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs a...
The vulnerability of the COMM_MakeCustomMsg function in D-Link DSL-3788 router microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the COMMMakeCustomMsg function in D-Link DSL-3788 router microprogramming software is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
Security update for rabbitmq-server
This update for rabbitmq-server fixes the following issues: CVE-2025-30219: Fixed XSS in an error message in Management UI bsc1240071 Other fixes: - Disable parallel make, this causes build failures Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
SUSE-SU-2025:1466-1 Security update for rabbitmq-server
This update for rabbitmq-server fixes the following issues: - CVE-2025-30219: Fixed XSS in an error message in Management UI bsc1240071 Other fixes: - Disable parallel make, this causes build failures...
Malicious code in make-plural-rules (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ef999981379280f98605a8386dda39c26b1b27975f440cb627710a7f01a213ed Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3635 Malicious code in make-plural-rules (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ef999981379280f98605a8386dda39c26b1b27975f440cb627710a7f01a213ed Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-53121
In the Linux kernel, the following vulnerability has been resolved: tcp: tcpmakesynack can be called from process context tcprtxsynack now could be called in process context as explained in 0a375c822497 "tcp: tcprtxsynack can be called from process context". tcprtxsynack might call tcpmakesynack,...
UBUNTU-CVE-2023-53121
In the Linux kernel, the following vulnerability has been resolved: tcp: tcpmakesynack can be called from process context tcprtxsynack now could be called in process context as explained in 0a375c822497 "tcp: tcprtxsynack can be called from process context". tcprtxsynack might call tcpmakesynack,...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from tcpmakesynack not disabling preemption when accessing per-CPU variables in the process context...
CVE-2025-32438
make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled the default a local user is able to create a program that will be executed by root during shutdown. Patches exist for NixOS 24.11 a...
CVE-2025-32511 WordPress Make Email Customizer for WooCommerce plugin <= 1.0.6 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Excellent Dynamics Make Email Customizer for WooCommerce make-email-customizer-for-woocommerce allows Reflected XSS.This issue affects Make Email Customizer for WooCommerce: from n/a through = 1.0....
WordPress plugin Make Email Customizer for WooCommerce 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
CVE-2025-22070 fs/9p: fix NULL pointer dereference on mkdir
In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix NULL pointer dereference on mkdir When a 9p tree was mounted with option 'posixacl', parent directory had a default ACL set for its subdirectories, e.g.: setfacl -m default:group:simpsons:rwx parentdir then creating a...
CVE-2025-32438
make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled the default a local user is able to create a program that will be executed by root during shutdown. Patches exist for NixOS 24.11 a...
CVE-2025-32438
CVE-2025-32438 affects make-initrd-ng used on NixOS. A local user can escalate privileges by exploiting shutdown behavior when systemd.shutdownRamfs.enable is on (default). A program created by a low-privilege user can be executed by root during system shutdown, enabling total impact on confident...
CVE-2025-32438 Local privilege escalation in make-initrd-ng
make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled the default a local user is able to create a program that will be executed by root during shutdown. Patches exist for NixOS 24.11 a...
CVE-2025-32438 Local privilege escalation in make-initrd-ng
make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled the default a local user is able to create a program that will be executed by root during shutdown. Patches exist for NixOS 24.11 a...
CVE-2025-32438 Local privilege escalation in make-initrd-ng
make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled the default a local user is able to create a program that will be executed by root during shutdown. Patches exist for NixOS 24.11 a...