CVE-2024-44044

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in brandexponents Oshine Modules oshine-modules allows Reflected XSS.This issue affects Oshine Modules: from n/a through 3.3.8...

DEBIAN-CVE-2025-0622

A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If...

CVE-2024-44044

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in brandexponents Oshine Modules oshine-modules allows Reflected XSS.This issue affects Oshine Modules: from n/a through 3.3.8...

CVE-2024-44044 WordPress Oshine Modules plugin < 3.3.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in brandexponents Oshine Modules oshine-modules allows Reflected XSS.This issue affects Oshine Modules: from n/a through 3.3.8...

CVE-2024-44044 WordPress Oshine Modules plugin < 3.3.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound Oshine Modules allows Reflected XSS. This issue affects Oshine Modules: from n/a through n/a...

CVE-2024-44044

CVE-2024-44044 affects the WordPress plugin Oshine Modules (versions earlier than 3.3.8). The vulnerability is a Reflected Cross‑Site Scripting (XSS) flaw occurring during web page generation, enabling attacker‑supplied input to be reflected in the page and potentially executed in a victim’s brow...

WordPress plugin Oshine Modules 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2025-6685 · Unknown · Oshine Modules

Name of the Vulnerable Software and Affected Versions: Oshine Modules affected versions not specified Description: The issue is related to improper neutralization of input during web page generation, which allows for reflected cross-site scripting XSS. This can lead to the execution of malicious...

SUSE CVE-2023-25194

A possible security vulnerability has been identified in Apache Kafka Connect API. This requires access to a Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config and a SASL-based security protocol, which has been possible on Kafka...

RHEL 9 : kpatch-patch-5_14_0-427_13_1, kpatch-patch-5_14_0-427_31_1, and kpatch-patch-5_14_0-427_44_1 (RHSA-2025:1434)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1434 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module i...

mysql-selinux bug fix and enhancement update

An update is available for mysql-selinux. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list SELinux policy modules for MySQL and MariaDB packages. Bug Fixes and...

WordPress Give – Divi Donation Modules plugin <= 2.0.0 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Anhchangmutrang in WordPress Plugin Give – Divi Donation Modules versions = 2.0.0...

RHEL 9 : kpatch-patch-5_14_0-70_112_1, kpatch-patch-5_14_0-70_121_1, and kpatch-patch-5_14_0-70_85_1 (RHSA-2025:1374)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1374 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module i...

Astra Linux – Vulnerability in linux-astra-modules-6.1, linux-6.1

The vulnerability of Linux Astra Modules’ kernel modules is related to insufficient validation of input data. Exploiting this vulnerability allows attackers to access confidential data, compromise its integrity, and cause service failures...

Azure Linux 3.0 Security Update: kernel (CVE-2024-21803)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-21803 advisory. - Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local...

CVE-2022-29831

Use of Hard-coded Password vulnerability in Mitsubishi Electric Corporation GX Works3 versions from 1.015R to 1.095Z allows a remote unauthenticated attacker to obtain information about the project file for MELSEC safety CPU modules...

PT-2025-5862 · Unknown · Floodlight

Name of the Vulnerable Software and Affected Versions: Floodlight version 1.2 Description: An issue in Floodlight allows a local attacker to cause a denial of service via the Topology Manager module and Linkdiscovery module. Recommendations: For Floodlight version 1.2, as a temporary workaround,...

CVE-2022-22095

Memory corruption in synx driver due to use-after-free condition in the synx driver due to accessing object handles without acquiring lock in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...

CVE-2024-43373

webcrack is a tool for reverse engineering javascript. An arbitrary file write vulnerability exists in the webcrack module when processing specifically crafted malicious code on Windows systems. This vulnerability is triggered when using the unpack bundles feature in conjunction with the saving...

CVE-2024-5574

The WP Magazine Modules Lite plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.2 via the 'blockLayout' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files ...