CVE-2026-1714

The CVE concerns the WordPress plugin ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules (All in One Solution). Affected versions: all up to and including 3.3.2. The vulnerability resides in the woolentor_suggest_price_action AJAX endpoint, where there is no validation on the ...

PT-2024-30854 · Jenkins +1 · Cas +1

Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue is related to a lack of validation for a parameter before making a request to it. This could allow unauthenticated users to perform a Server-Side Request Forgery SSRF attack. SSR...

UNISOC Chipsets 缓冲区错误漏洞

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in the UNISOC Chipsets FM service module due to a lack of parameter checking...

Unspecified vulnerability in YottaDB (CNVD-2022-31927)

YottaDB is a real-time database from YottaDB, Inc. A security vulnerability exists in YottaDB, which stems from a missing parameter validation in the call to memcpy in checkandsettimeout in srunix/ztimeoutroutines.c allowing an attacker to attempt to read from a NULL pointer. No detailed...

CVE-2020-16192

LimeSurvey 4.3.2 allows reflected XSS because application/controllers/LSBaseController.php lacks code to validate parameters...

CVE-2017-15325

The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow...