91 matches found
CVE-2025-69209 ArduinoCore-avr has Stack-Based Buffer Overflow in WString Float/Double Constructors
ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large...
EUVD-2025-206313
ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large...
CVE-2025-69209
ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large...
Uncontrolled Search Path Element
Overview: Affected versions of this package are vulnerable to Uncontrolled Search Path Element due to unsafe executable resolution when exporting notebooks containing SVG output to PDF. During export, the svg2pdf.py preprocessor resolves the inkscape executable using shutil.which, which on Windows...
EUVD-2022-25053
Malicious code in bioql PyPI...
EUVD-2025-11570
Malicious code in bioql PyPI...
Google Android elevation of privilege vulnerability (CNVD-2026-00031)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by intent redirection in multiple locations. The vulnerability can be exploited by an attacker to gain elevated privileges on the system...
CVE-2022-1772
The Google Places Reviews WordPress plugin before 2.0.0 does not properly escape its Google API key setting, which is reflected on the site's administration panel. A malicious administrator could abuse this bug, in a multisite WordPress configuration, to trick super-administrators into viewing th...
CVE-2025-39442
Cross-Site Request Forgery (CSRF) vulnerability in MessageMetric Review Wave – Google Places Reviews review-wave-google-places-reviews allows Stored XSS. This issue affects Review Wave – Google Places Reviews: from n/a through <= 1.4.7...
CVE-2025-39442
CVE-2025-39442 affects the WordPress plugin Review Wave – Google Places Reviews (Review Wave – Google Places Reviews) up to version 1.4.7. The issue is a Cross-Site Request Forgery (CSRF) vulnerability that enables Stored XSS, with CVSS v3.1 base score 7.1 (High). Public references in the provide...
CVE-2025-39442 WordPress Review Wave – Google Places Reviews plugin <= 1.4.7 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in MessageMetric Review Wave – Google Places Reviews allows Stored XSS. This issue affects Review Wave – Google Places Reviews: from n/a through 1.4.7...
WordPress Review Wave – Google Places Reviews plugin <= 1.4.7 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by johska (Patchstack Alliance) in WordPress Plugin Review Wave – Google Places Reviews versions <= 1.4.7...
WordPress plugin Review Wave – Google Places Reviews cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on servers running PHP and MySQL. WordPress plugin is an application...
PT-2025-17009 · Unknown · Review Wave – Google Places Reviews
Name of the Vulnerable Software and Affected Versions: Review Wave – Google Places Reviews versions 1.4.7 and earlier. Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on the...
Built In Honors Rapid7 with “2025 Best Places To Work” Award
3 Rapid7 Offices Included in Built In’s “Best Places to Work” Lists Built In has announced that Rapid7 is being honored in the 2025 Best Places To Work Awards. Specifically, Rapid7 earned recognition for three office locations: Austin, Boston, and Arlington Washington DC. The annual awards progra...
Teen Behind Hundreds of Swatting Attacks Pleads Guilty to Federal Charges
Alan Filion, believed to have operated under the handle “Torswats,” admitted to making more than 375 fake threats against schools, places of worship, and government buildings around the United States...
Malicious code in algolia-places (RubyGems)
MAL-2024-6557 Malicious code in algolia-places (RubyGems)