180 matches found
CVE-2025-11980
CVE-2025-11980 affects the WordPress Quick Featured Images plugin prior to 13.7.4. The vulnerability is an SQL Injection in the delete_orphaned function due to insufficient escaping and unsafe SQL construction. Exploitation requires Editor+ privileges and user interaction (an author-level user mu...
CVE-2025-11980 Quick Featured Images <= 13.7.3 - Authenticated (Editor+) SQL Injection via delete_orphaned
The Quick Featured Images plugin for WordPress is vulnerable to SQL Injection via the 'deleteorphaned' function in all versions up to, and including, 13.7.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
Improper Preservation of Permissions
Overview Affected versions of this package are vulnerable to Improper Preservation of Permissions due to the improper removal of ClusterRoleBinding objects when a custom administrative global role or its binding is deleted. An attacker can retain unauthorized access to clusters by leveraging...
Improper Preservation of Permissions
Overview Affected versions of this package are vulnerable to Improper Preservation of Permissions due to the improper removal of ClusterRoleBinding objects when a custom administrative global role or its binding is deleted. An attacker can retain unauthorized access to clusters by leveraging...
Rancher user retains access to clusters despite Global Role removal
Impact A vulnerability has been identified within Rancher Manager, where after removing a custom GlobalRole that gives administrative access or the corresponding binding, the user still retains access to clusters. This only affects custom Global Roles that: - Have a on in rule for resources - Hav...
PT-2025-43690
Name of the Vulnerable Software and Affected Versions Rancher versions prior to 2.12.3 Rancher versions prior to 2.11.7 Description A flaw exists in Rancher Manager where removing a custom GlobalRole granting administrative access, or its corresponding binding, does not revoke the user's access t...
EUVD-2012-2319
Malware in sbrugna...
EUVD-2013-4359
Malware in sbrugna...
EUVD-2018-7908
Malware in sbrugna...
EUVD-2025-22514
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-42310
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Xenstore: Guests can create orphaned Xenstore nodes By creating multiple nodes inside a transaction resulting in an error, a malicious guest can create orphaned...
CVE-2025-45731
A group deletion race condition in 2FAuth v5.5.0 causes data inconsistencies and orphaned accounts when a group is deleted while other operations are pending...
CVE-2025-45731
A group deletion race condition in 2FAuth v5.5.0 causes data inconsistencies and orphaned accounts when a group is deleted while other operations are pending...
CVE-2025-45731
A group deletion race condition in 2FAuth v5.5.0 causes data inconsistencies and orphaned accounts when a group is deleted while other operations are pending...
CVE-2025-45731
A group deletion race condition in 2FAuth v5.5.0 causes data inconsistencies and orphaned accounts when a group is deleted while other operations are pending...
CVE-2025-45731
A group deletion race condition in 2FAuth v5.5.0 causes data inconsistencies and orphaned accounts when a group is deleted while other operations are pending...
CVE-2025-45731
A group deletion race condition in 2FAuth v5.5.0 causes data inconsistencies and orphaned accounts when a group is deleted while other operations are pending...
2FAuth 安全漏洞
2FAuth is a web application from Bubka Personal Developers for managing two-factor authentication 2FA accounts and generating their security codes. A security vulnerability exists in 2FAuth version v5.5.0 that stems from a group deletion contention condition that could lead to data inconsistencie...
PT-2025-30666 · 2Fauth · 2Fauth
Name of the Vulnerable Software and Affected Versions: 2FAuth version 5.5.0 Description: A group deletion race condition can lead to data inconsistencies and orphaned accounts when a group is deleted while other operations are in progress. Recommendations: At the moment, there is no information...
CVE-2025-45731
CVE-2025-45731 relates to a group deletion race condition in the 2FAuth v5.5.0 application. The issue arises when a group is deleted while other operations are pending, leading to data inconsistencies and orphaned accounts. The connected documents confirm the affected product and the underlying c...