CVE-2014-125005

A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decodevolheader of the file libavcodec/mpeg4videodec.c. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix...

CVE-2013-10015

A vulnerability has been found in fanzila WebFinance 0.5 and classified as critical. This vulnerability affects unknown code of the file htdocs/admin/saveContractSignerRole.php. The manipulation of the argument n/v leads to sql injection. The patch is identified as...

Oracle Linux 9 : gstreamer1-plugins-good (ELSA-2025-7242)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7242 advisory. - Apply patches for CVE-2024-47537, CVE-2024-47539, CVE-2024-47540 CVE-2024-47543, CVE-2024-47544, CVE-2024-47545, CVE-2024-47546, CVE-2024-47596,...

WordPress Builty Theme <= 1.4.0 is vulnerable to Local File Inclusion

Software Builty Type Theme Vulnerable versions = 1.4.0 Fixed in 1.5.0 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-48290 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 59fa2331d0c1 Credits Bonds Required privilege Unauthenticated Published...

WordPress Kaffen Theme <= 1.2.5 is vulnerable to Local File Inclusion

Software Kaffen Type Theme Vulnerable versions = 1.2.5 Fixed in 1.2.6 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-48290 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 362157fa6efa Credits Bonds Required privilege Unauthenticated Published...

WordPress CM Tooltip Glossary plugin < 4.3.4 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Felipe Caon in WordPress Plugin CM Tooltip Glossary versions 4.3.4...

WordPress Responsive Gallery Grid plugin < 2.3.15 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Responsive Gallery Grid versions 2.3.15...

CVE-2025-47794

Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server prior to 29.0.13, 30.0.7, and 31.0.1 and Nextcloud Enterprise Server prior to 26.0.13.13, 27.1.11.13, 28.0.14.4, 29.0.13, 30.0.7, and 31.0.1, an attacker on a multi-user system may read temporary files from Nextcloud...

CVE-2025-47275

Summary: CVE-2025-47275 affects Auth0-PHP SDKs used with CookieStore across multiple Auth0 integrations (Laravel, WordPress, Symfony). Affected versions: Auth0-PHP in 8.0.0-BETA1 up to, but not including, 8.14.0. Applications using the SDK or linked Auth0 wrappers relying on it may have session c...

PT-2025-21147 · Zohocorp · Zoho Manageengine Adselfservice Plus

Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine ADSelfService Plus versions 6513 and prior Description: The issue concerns an authenticated SQL injection in the MFA reports. Recommendations: For versions 6513 and prior, consider restricting access to the MFA reports...

Medium: elfutils

Issue Overview: A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This vulnerability affects the function libdwthreadtail in the library libdwalloc.c of the component eu-readelf. The manipulation of the argument w leads to memory corruption. The attack can be...

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jit_module_from_flatbuffer.

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jitmodulefromflatbuffer.This bulletin contains information regarding the vulnerability and its fixture...

WordPress Envolve Plugin plugin <= 1.0 - Unauthenticated Arbitrary File Upload via language_file and fonts_file vulnerability

Unauthenticated Arbitrary File Upload via languagefile and fontsfile vulnerability discovered by Foxyyy in WordPress Plugin Envolve Plugin versions = 1.0...

WordPress PGS Core plugin <= 5.8.0 - Unauthenticated PHP Object Injection vulnerability

Unauthenticated PHP Object Injection vulnerability discovered by István Márton in WordPress Plugin PGS Core versions = 5.8.0...

PT-2025-19337 · Unknown · Phpgurukul Online Dj Booking Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Online DJ Booking Management System version 1.0 Description: A critical vulnerability was found in the PHPGurukul Online DJ Booking Management System. The issue affects the file /admin/user-search.php, where the manipulation of the...

WordPress SureForms plugin < 1.4.4 - Contributor+ Settings Update vulnerability

Contributor+ Settings Update vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin SureForms versions 1.4.4...

CVE-2025-4002 RefindPlusRepo RefindPlus BootLog.c GetDebugLogFile null pointer dereference

A vulnerability was found in RefindPlusRepo RefindPlus 0.14.2.AB and classified as problematic. Affected by this issue is the function GetDebugLogFile of the file Library/MemLogLib/BootLog.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The patch is...

Planet Technology Industrial Switch Flaws Risk Full Takeover – Patch Now

Immersive security researchers discovered critical vulnerabilities in Planet Technology network management and switch products, allowing full device control.…...

PT-2025-20476 · Totolink · Totolink N150Rt

Name of the Vulnerable Software and Affected Versions: TOTOLINK N150RT version 3.4.0-B20190525 Description: A critical vulnerability has been found in the TOTOLINK N150RT, affecting some unknown processing of the file /boafrm/formWsc. The manipulation of the localPin argument leads to buffer...

WordPress Crossword Compiler Puzzles plugin <= 5.2 - Arbitrary File Upload Vulnerability

Arbitrary File Upload Vulnerability discovered by astra.r3verii in WordPress Plugin Crossword Compiler Puzzles versions = 5.2...