
2964 matches found

Vulnrichment
added 2025/12/09 2:52 p.m., 3 views

CVE-2025-62153 WordPress Quick Interest Slider plugin <= 3.1.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Graham Quick Interest Slider quick-interest-slider allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Quick Interest Slider: from n/a through <= 3.1.7...

CVSS 5.3, AI score 5.1, EPSS 0.00038
Exploits: 0, References: 1
Vulnrichment
added 2025/12/09 2:13 p.m., 1 views

CVE-2025-67471 WordPress Quick Contact Form plugin <= 8.2.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal Quick Contact Form quick-contact-form allows Cross Site Request Forgery. This issue affects Quick Contact Form: from n/a through <= 8.2.5...

CVSS 4.3, AI score 6.5, EPSS 0.00015
Exploits: 0, References: 1
CVE
added 2025/12/09 2:13 p.m., 10 views

CVE-2025-67471

CVE-2025-67471 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Quick Contact Form (Saad Iqbal Quick Contact Form), affecting versions through 8.2.5. The connected sources corroborate a CSRF flaw in this plugin and indicate a patch status of “Patched” in at leas...

CVSS 4.3, AI score 6.5, EPSS 0.00015
Exploits: 0, References: 1
Positive Technologies
added 2025/12/09 12:00 a.m., 2 views

PT-2025-49887

Name of the Vulnerable Software and Affected Versions: Saad Iqbal Quick Contact Form versions through 8.2.5. Description: A Cross-Site Request Forgery (CSRF) issue exists in Quick Contact Form. This allows attackers to perform actions on behalf of an authenticated user without their knowledge...

CVSS 8.8, AI score 6.4, EPSS 0.00015
Exploits: 0, References: 3
CNNVD
added 2025/12/09 12:00 a.m., 1 views

WordPress plugin Quick Contact Form cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A cross-site request...

CVSS 4.3, AI score 6.5, EPSS 0.00015
Exploits: 0, References: 1
RedhatCVE
added 2025/12/06 5:54 p.m., 5 views

CVE-2020-36877

ReQuest Serious Play F3 Media Server 7.0.3 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands as the web server user. Attackers can upload PHP executable files via the Quick File Uploader page, resulting in remote code execution on...

CVSS 9.3, AI score 9, EPSS 0.00569
Exploits: 1, References: 1
CVE
added 2025/12/05 5:16 p.m., 8 views

CVE-2020-36877

CVE-2020-36877 affects ReQuest Serious Play F3 Media Server 7.0.3, with an unauthenticated remote code execution vulnerability. An attacker can upload PHP executables via the Quick File Uploader page (/tools/upload.html), resulting in code execution as the web server user. The vulnerability descr...

CVSS 9.3, AI score 8.7, EPSS 0.00569
Exploits: 1, References: 4
Cvelist
added 2025/12/05 5:16 p.m., 19 views

CVE-2020-36877 ReQuest Serious Play F3 Media Server <= 7.0.3 code execution

ReQuest Serious Play F3 Media Server 7.0.3 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands as the web server user. Attackers can upload PHP executable files via the Quick File Uploader page, resulting in remote code execution on...

CVSS 9.3, EPSS 0.00569
Exploits: 1, References: 4
EUVD
added 2025/12/05 5:16 p.m., 2 views

EUVD-2020-30827

ReQuest Serious Play F3 Media Server 7.0.3 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands as the web server user. Attackers can upload PHP executable files via the Quick File Uploader page, resulting in remote code execution on...

CVSS 9.3, AI score 8.5, EPSS 0.00569
Exploits: 1, References: 5
Tenable Nessus
added 2025/12/05 12:00 a.m., 2 views

AlmaLinux 10 : qt6-qtquick3d (ALSA-2025:22361)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:22361 advisory. assimp: Open Asset Import Library Assimp Q3DLoader.cpp InternReadFile heap-based overflow (CVE-2025-11277). Tenable has extracted the preceding description block...

CVSS 7.8, AI score 5.8, EPSS 0.00034
Exploits: 1, References: 3
Positive Technologies
added 2025/12/05 12:00 a.m., 2 views

PT-2025-49271

ReQuest Serious Play F3 Media Server 7.0.3 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands as the web server user. Attackers can upload PHP executable files via the Quick File Uploader page, resulting in remote code execution on...

CVSS 9.3, AI score 9.1, EPSS 0.00569
Exploits: 1, References: 5
GithubExploit
added 2025/12/04 11:51 a.m., 179 views

Exploit for CVE-2025-55182

React 19 & Next.js Security Fix Prompts for AI Agents 🚨 CRI...

CVSS 10, AI score 7.4, EPSS 0.82011
Exploits: 378
OSV
added 2025/12/04 10:08 a.m., 3 views

RHSA-2025:22663 Red Hat Security Advisory: qt6-qtquick3d security update

Bulletin has no description...

CVSS 6.1, AI score 6.9, EPSS 0.00034
Exploits: 1, References: 10
OSV
added 2025/12/03 8:16 p.m., 3 views

AZL-71555 CVE-2025-12385 affecting package qtdeclarative for versions less than 6.6.1-2

Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick...

CVSS 8.7, AI score 5.8, EPSS 0.0012
Exploits: 0, References: 1
NVD
added 2025/12/03 8:16 p.m., 5 views

CVE-2025-12385

Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick...

CVSS 8.7, EPSS 0.0012
Exploits: 0, References: 2
CVE
added 2025/12/03 7:38 p.m., 24 views

CVE-2025-12385

CVE-2025-12385 affects the Qt Text component in Qt Quick across Windows, macOS, Linux, iOS, Android (Qt 5.0.0–6.5.10, 6.6.0–6.8.5, 6.9.0–6.10.0). Root cause: missing validation of width/height in the <img> tag in the Text parser, allowing excessive resource allocation and potentially an unresponsive a...

CVSS 8.7, AI score 6.4, EPSS 0.0012
Exploits: 0, References: 2
Vulnrichment
added 2025/12/03 7:38 p.m., 2 views

CVE-2025-12385 Improper validation of <img> tag size in Text component parser

Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick...

CVSS 8.7, AI score 6.4, EPSS 0.0012
Exploits: 0, References: 2
QT
added 2025/12/03 12:00 a.m., 12 views

Security advisory: Improper validation of <img> tag size in Text component parser in Qt declarative module impacts Qt

Improper Validation of Specified Quantity in Input vulnerability in Text component parser of the Qt declarative module has been discovered and has been assigned the CVE id CVE-2025-12385. Affected versions: From Qt 5.0.0 to 6.5.10 and from 6.6.0 to 6.8.5 and from 6.9.0 to 6.10.0. Impact: Allocation...

CVSS 8.7, AI score 6.9, EPSS 0.0012
Exploits: 0
OSV
added 2025/12/01 10:04 a.m., 4 views

RHSA-2025:22361 Red Hat Security Advisory: qt6-qtquick3d security update

Bulletin has no description...

CVSS 6.1, AI score 5.7, EPSS 0.00034
Exploits: 1, References: 10
Patchstack
added 2025/11/29 5:39 p.m., 5 views

WordPress Quick Interest Slider plugin <= 3.1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery (CSRF) vulnerability discovered by Nabil Irawan in WordPress Plugin Quick Interest Slider versions <= 3.1.5...

CVSS 4.3, AI score 7, EPSS 0.00015
Exploits: 0, Affected Software: 1