1824 matches found
CVE-2026-32396 WordPress Team plugin <= 5.0.13 - Broken Access Control vulnerability
Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through = 5.0.13...
PT-2026-25216
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Medilink-Core medilink-core allows PHP Local File Inclusion.This issue affects Medilink-Core: from n/a through 2.0.7...
[SECURITY] Fedora 42 Update: opensips-3.5.9-2.fc42
OpenSIPS or Open SIP Server is a very fast and flexible SIP RFC3261 proxy server. Written entirely in C, opensips can handle thousands calls per second even on low-budget hardware. A C Shell like scripting language provides full control over the server's behaviour. It's modular architecture allow...
CVE-2026-27382
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RadiusTheme Metro metro allows DOM-Based XSS.This issue affects Metro: from n/a through = 2.13...
CVE-2026-27383
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Metro metro allows PHP Local File Inclusion.This issue affects Metro: from n/a through = 2.13...
CVE-2026-23546
Insertion of Sensitive Information Into Sent Data vulnerability in RadiusTheme Classified Listing classified-listing allows Retrieve Embedded Sensitive Data.This issue affects Classified Listing: from n/a through = 5.3.4...
OESA-2026-1439 wpa_supplicant security update
wpasupplicant is a WPA Supplicant for Linux, BSD, Mac OS X, and Windows with support for WPA and WPA2 IEEE 802.11i / RSN. It is suitable for both desktop/laptop computers and embedded systems. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key...
OESA-2026-1438 wpa_supplicant security update
wpasupplicant is a WPA Supplicant for Linux, BSD, Mac OS X, and Windows with support for WPA and WPA2 IEEE 802.11i / RSN. It is suitable for both desktop/laptop computers and embedded systems. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +155 more potentially affected by CVE-2026-1190 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.5.2)
org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.2.0, =1.3.0 and more Source cves: CVE-2026-1190 Source advisory: OSV:GHSA-63V5-26VQ-M4VMhttps://vulners.com/osv/OSV:GHSA-63V5-26VQ-M4...
Azure Linux 3.0 Security Update: ppp (CVE-2015-3310)
The version of ppp installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2015-3310 advisory. - Buffer overflow in the rcmksid function in plugins/radius/util.c in Paul's PPP Package ppp 2.4.6 and earlier, wh...
MiracleLinux 4 : freeradius-2.2.6-4.AXS4 (AXSA:2015-304:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-304:01 advisory. The FreeRADIUS Server Project is a high performance and highly configurable GPL'd free RADIUS server. The server is similar in some respects to Livingston's 2...
MiracleLinux 7 : krb5-1.13.2-10.el7 (AXSA:2015-622:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-622:02 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of...
MiracleLinux 3 : freeradius-1.1.3-1.5AXS3 (AXSA:2009-401:02)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-401:02 advisory. The FreeRADIUS Server Project is a high performance and highly configurable GPL'd free RADIUS server. The server is similar in some respects to Livingston's 2...
CVE-2025-13854
The Curved Text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'radius' parameter of the arctext shortcode in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
MiracleLinux 7 : krb5-1.15.1-55.0.2.el7.AXS7 (AXSA:2025-9717:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9717:01 advisory. improve your network's security by eliminating the insecure practice of cleartext passwords. Security fixes: - CVE-2024-3596: implement support for...
CVE-2025-13854
The Curved Text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'radius' parameter of the arctext shortcode in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-13854
CVE-2025-13854 — The Curved Text WordPress plugin is vulnerable to a stored XSS via the radius parameter of the arctext shortcode in versions up to 0.1. The Wordfence note confirms the issue arises from insufficient input sanitization/output escaping, enabling authenticated attackers with Contrib...
CVE-2022-38767
An issue was discovered in Wind River VxWorks 6.9 and 7, that allows a specifically crafted packet sent by a Radius server, may cause Denial of Service during the IP Radius access procedure...
PT-2026-1718
Name of the Vulnerable Software and Affected Versions Curved Text versions prior to 0.1 Description The Curved Text plugin for WordPress is susceptible to Stored Cross-Site Scripting through the radius parameter of the arctext shortcode. Insufficient input sanitization and output escaping allow...
WordPress plugin Curved Text 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. Cross-site scripting...