1842 matches found
EUVD-2025-35569
Incorrect Privilege Assignment vulnerability in Progress Planner Progress Planner progress-planner allows Privilege Escalation.This issue affects Progress Planner: from n/a through = 1.8.0...
CVE-2025-48082
Incorrect Privilege Assignment vulnerability in Progress Planner Progress Planner progress-planner allows Privilege Escalation.This issue affects Progress Planner: from n/a through = 1.8.0...
CVE-2025-48082 WordPress Progress Planner plugin <= 1.8.0 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Progress Planner Progress Planner progress-planner allows Privilege Escalation.This issue affects Progress Planner: from n/a through = 1.8.0...
CVE-2025-48082 WordPress Progress Planner plugin <= 1.8.0 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Progress Planner Progress Planner progress-planner allows Privilege Escalation.This issue affects Progress Planner: from n/a through = 1.8.0...
CVE-2025-48082
CVE-2025-48082 describes an incorrect privilege assignment in the WordPress plugin Progress Planner (Progress Planner,
EUVD-2025-35317
The Responsive Progress Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's rprogress shortcode in versions less than, or equal to, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...
CVE-2025-11883
The CVE refers to the WordPress plugin Responsive Progress Bar. The vulnerability is a Stored Cross-Site Scripting (XSS) via the rprogress shortcode in versions up to and including 1.0, caused by insufficient input sanitization and output escaping of user-supplied attributes. An attacker with con...
CVE-2025-11883 Responsive Progress Bar <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Responsive Progress Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's rprogress shortcode in versions less than, or equal to, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...
WordPress plugin Progress Planner 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
WordPress plugin Responsive Progress Bar 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-43153
Name of the Vulnerable Software and Affected Versions Progress Planner versions prior to 1.8.1 Description An incorrect privilege assignment exists in Progress Planner, potentially allowing privilege escalation. Recommendations Update Progress Planner to version 1.8.1 or later...
WordPress Responsive Progress Bar plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin Responsive Progress Bar versions = 1.0...
kernel: crypto: seqiv - Handle EBUSY correctly
In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller of seqiv may specify...
UTT Progressive 518G Buffer Overflow Vulnerability
The UTT Progress 518G is an enterprise-class router designed for small and medium-sized business office environments, focusing on multi-WAN port access and stable performance. UTT Enterprise 518G suffers from a buffer overflow vulnerability, which originates from the parameter Profile in the file...
AEX-NStep: Probabilistic Interrupt Counting Attacks on Intel SGX
To mitigate interrupt-based stepping attacks notably using SGX-Step, Intel introduced AEX-Notify, an ISA extension to Intel SGX that aims to prevent deterministic single-stepping. In this work, we introduce AEX-NStep, the first interrupt counting attack on AEX-Notify-enabled Enclaves. We show tha...
Service Provider Migration to Unified Veeam Data Cloud FAQ
Below are the most commonly asked questions. What is changing with my Veeam Data Cloud for Microsoft 365 experience? Veeam is transitioning Veeam Cloud Service Providers VCSPs and their customers to Veeam Data Cloud, a unified multi-workload interface. This new experience allows you to manage...
kernel: crypto: seqiv - Handle EBUSY correctly
In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller of seqiv may specify...
PT-2025-41846
Name of the Vulnerable Software and Affected Versions YouDataSum CPAS Audit Management System versions prior to 4.9 Description The YouDataSum CPAS Audit Management System is susceptible to SQL Injection due to inadequate input validation. This allows remote, unauthenticated attackers to execute...
CVE-2025-10240
A vulnerability exists in the Progress Flowmon web application prior to version 12.5.5, whereby a user who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated session...
CVE-2025-10240 Possibility of unintended actions when a user clicks a malicious link in the Progress Flowmon web application
A vulnerability exists in the Progress Flowmon web application prior to version 12.5.5, whereby a user who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated session...