CVE-2024-33288

The CVE-2024-33288 entry covers a SQL injection vulnerability in Prison Management System Using PHP v1.0, exposed on the Admin login page via the username parameter. Multiple connected sources document an authentication bypass PoC and public exploits targeting admin access (e.g., by injecting adm...

firefox security update

140.10.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 140.10.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.10.0-1 - Update to 140.10.0 ESR...

thunderbird security update

140.9.1-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.9.1 - Add OpenELA debranding 140.9.1-1 - Update to 140.9.1 ESR...

thunderbird security update

140.7.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.7.0 - Add OpenELA debranding 140.7.0-1 - Update to 140.7.0 ESR...

CVE-2024-30547

CVE-2024-30547 is a DOM-based Cross-Site Scripting vulnerability in the WordPress plugin “Header Image Slider” where improper neutralization of input during web page generation allows DOM-based XSS. Affected: Header Image Slider versions up to 0.3. Root cause determined in connected sources as im...

CVE-2023-41656

CVE-2023-41656 is a broken access control vulnerability in the WordPress plugin Better Elementor Addons up to version 1.3.7, allowing exploitation of incorrectly configured access control security levels. The issue is categorized as Missing Authorization with a CVSSv3.1 base score of 5.4 (Medium)...

Oracle Linux 9 : thunderbird (ELSA-2025-14640)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-14640 advisory. 128.14.0-3.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 128.14.0 - Add OpenELA debranding 128.14.0-3 - Update to 128.14.0 build2...

CVE-2023-7168

CVE-2023-7168 affects the WordPress plugin Better Follow Button for Jetpack (

April 8, 2025-KB5055688 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows Server 2022

April 8, 2025-KB5055688 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows Server 2022 Release Date: April 8, 2025 Version: .NET Framework 3.5, 4.8 and 4.8.1 Summary This article describes the security and cumulative update for 3.5, 4.8 and 4.8.1 for Windows Server 2022. Security...

KB5052020: Windows Server 2012 Security Update (February 2025)

The remote Windows host is missing security update 5052020. It is, therefore, affected by multiple vulnerabilities - Windows Routing and Remote Access Service RRAS Remote Code Execution Vulnerability CVE-2025-21208, CVE-2025-21410 - Windows Telephony Service Remote Code Execution Vulnerability...

CVE-2023-28120

There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input...

CVE-2023-45272

CVE-2023-45272 affects WordPress plugin 10Web Map Builder for Google Maps (versions

CVE-2023-47188

CVE-2023-47188 affects the WordPress plugin Simple Job Board (versions

CVE-2023-46611

CVE-2023-46611 concerns the WordPress YOP Poll plugin (

CVE-2022-21505

CVE-2022-21505: In the Linux kernel IMA, enabling appraisal with ima_appraise=log can bypass lockdown on systems where Secure Boot is disabled or unavailable. IMA blocks ima_appraise=log via boot params when Secure Boot is enabled, but this protection does not cover lockdown used without Secure B...

CVE-2023-44149

CVE-2023-44149 affects the WordPress plugin Brands for WooCommerce (versions

CVE-2023-25714

CVE-2023-25714 — WordPress Quick Paypal Payments plugin : A Missing Authorization (Broken Access Control) vulnerability in Quick Paypal Payments (versions

CVE-2023-47822

CVE-2023-47822 : WordPress plugin MP3 Audio Player for Music, Radio & Podcast by Sonaar has a Missing/Broken Access Control vulnerability. Affected versions are

CVE-2023-47830

CVE-2023-47830 is a WordPress plugin vulnerability in Live Preview for Contact Form 7, affecting versions

CVE-2018-9421

CVE-2018-9421 is a local information-disclosure flaw in Android’s Media framework involving Parcel.cpp writeInplace and Binder; uninitialized data could leak across processes. Current documents confirm the issue and indicate it affects Android devices via local access with no user interaction. Th...