CVE-2026-11448

A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. The affected element is the function realpath of the file /rpc of the component Minidlna Service. This manipulation of the argument kube. set causes command injection. The attack is possible to be carried out remotely. Upgrading to...

PT-2026-47169

A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. The affected element is the function realpath of the file /rpc of the component Minidlna Service. This manipulation of the argument kube. set causes command injection. The attack is possible to be carried out remotely. Upgrading to...

EulerOS 2.0 SP10 : python-ldap (EulerOS-SA-2026-1346)

According to the versions of the python-ldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method...

CVE-2025-53437 WordPress Greenorganic theme <= 2.45 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ApusTheme Greenorganic greenorganic allows PHP Local File Inclusion.This issue affects Greenorganic: from n/a through = 2.45...

PT-2025-49916

Missing Authorization vulnerability in Wealcoder Animation Addons for Elementor animation-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animation Addons for Elementor: from n/a through = 2.4.5...

Linux Distros Unpatched Vulnerability : CVE-2025-11839

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tgtagtype of the file prdbg.c. Performing a manipulation results in unchecked...

CVE-2025-11495

A vulnerability was determined in GNU Binutils 2.45. The affected element is the function elfx8664relocatesection of the file elf64-x86-64.c of the component Linker. This manipulation causes heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclos...

WordPress Greenorganic theme <= 2.45 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Greenorganic versions = 2.45...

VulnCheck KEV: CVE-2018-2392

Under certain conditions SAP Internet Graphics Server IGS 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server IGS to become unavailable...

CVE-2022-36136

ChurchCRM Version 4.4.5 has XSS vulnerabilities that allow attackers to store XSS via location input Deposit Comment...

CVE-2018-1000651

Stroom version 5.4.5 contains a XML External Entity XXE vulnerability in XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted XML file...

CVE-2024-35255 affecting package prometheus for versions less than 2.45.4-11

CVE-2024-35255 affecting package prometheus for versions less than 2.45.4-11. A patched version of the package is available...

PT-2024-23439 · Unknown · Fg Prestashop To Woocommerce

Name of the Vulnerable Software and Affected Versions: FG PrestaShop to WooCommerce versions n/a through 4.45.1 Description: The issue is related to the insertion of sensitive information into log files. This can potentially expose confidential data. There is no information provided about the...

WordPress plugin Simple Giveaways 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

SUSE CVE-2022-25236

xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...

CVE-2021-39332 Business Manager – WordPress ERP, HR, CRM, and Project Management Plugin <= 1.4.5 Authenticated Stored Cross-Site Scripting

The Business Manager WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization found throughout the plugin which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.4.5. This...

SUSE-SU-2021:1152-1 Security update for spamassassin

This update for spamassassin fixes the following issues: - spamassassin was updated to version 3.4.5 - CVE-2019-12420: memory leak via crafted messages bsc1159133 - CVE-2020-1946: security update bsc1184221...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2015-06982)

Oracle MySQL Server is an open source relational database management system from Oracle. This database system is characterized by high performance, low cost, good reliability and so on. An unspecified vulnerability exists in Oracle MySQL Server versions 5.5.45 and earlier and 5.6.26 and earlier. ...