289 matches found
CVE-2022-2696
The Restaurant Menu – Food Ordering System – Table Reservation plugin for WordPress is vulnerable to authorization bypass via several AJAX actions in versions up to, and including 2.3.0 due to missing capability checks and missing nonce validation. This makes it possible for authenticated attacke...
CVE-2021-37682
TensorFlow is an end-to-end open source platform for machine learning. In affected versions all TFLite operations that use quantization can be made to use unitialized values. For example. The issue stems from the fact that quantization.params is only valid if quantization.type is different that...
CVE-2019-10555
Buffer overflow can occur due to usage of wrong datatype and missing length check before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...
SAP Landscape Transformation 安全漏洞
SAP Landscape Transformation is a tool for system data migration and integration from SAP. An authorization issue vulnerability exists in SAP Landscape Transformation that stems from a lack of authorization checks and could be exploited by an attacker to access restricted functionality or data...
libssh security update
An update is available for libssh. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libssh is a library which implements the SSH protocol. It can be used to...
RockyLinux 9 : libssh (RLSA-2024:2504)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2504 advisory. libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for...
PT-2025-18754 · WordPress · Wordpress
Name of the Vulnerable Software and Affected Versions: WordPress plugins and themes affected versions not specified Description: The issue concerns multiple plugins and/or themes for WordPress that are vulnerable to unauthorized access due to a missing capability check on several AJAX actions, su...
WordPress plugin NewsBlogger 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerabilit...
CLSA-2025-1744116893 c-ares: Fix of CVE-2022-4904
CVE-2022-4904: fix missing checks in aressetsortlist to prevent possible stack overflow...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a failure to check for cstream nulls, which could lead to a null pointer dereference...
CVE-2024-13816
The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability checks on multiple functions in all versions up to, and including, 2.3.6. This mak...
PT-2025-7500
Name of the Vulnerable Software and Affected Versions IP2Location Country Blocker versions up to, and including, 2.38.8 Description The IP2Location Country Blocker plugin for WordPress is vulnerable to Regular Information Exposure due to missing capability checks on the admin init function. This...
CLSA-2025-1739825397 freerdp: Fix of 6 CVEs
CVE-2024-32458: fix missing input length checks - CVE-2024-32459: fix missing input length check - CVE-2024-32460: fix out-of-bound read in interleaveddecompress - CVE-2024-32039: fix integer overflow - CVE-2024-32040: fix missing check - CVE-2024-32041: fix integer overflow...
CVE-2023-34402
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside file is encapsulate another file, which service will drop during processing. Due to missed checks, attacker can achieve Arbitrary File Write with service speech rights...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: Missing check for virtio Two missing checks in virtionethdrtoskb allowed syzbot to crash kernels again. 1. After the skbsegment function, the buffer may become non-linear nrfrags != 0. However, since the SKBTXSHAREDFRAG...
VulnCheck KEV: CVE-2024-9860
The Bridge Core plugin for WordPress is vulnerable to unauthorized modification of data or loss of data due to a missing capability check on the 'importaction' and 'installpluginperdemo' functions in versions up to, and including, 3.3. This makes it possible for authenticated attackers with...
WordPress plugin Altra Side Menu 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-50695
CVE-2024-50695 affects SunGrow WiNet-SV200.001.00.P027 and earlier versions. The issue is a stack-based buffer overflow that occurs when parsing MQTT messages due to missing MQTT topic bounds checks. Public sources describe the vulnerability as potentially enabling arbitrary code execution remote...
WordPress plugin Atarim 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not checking buffer lengths before accessing them...