115 matches found
CVE-2011-10038
Nagios XI (
CVE-2025-11564
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check while verifying webhook signatures on the "verifyAndCreateOrderData" function in all versions up to, and including, 3.8.3. This makes it...
CVE-2025-11564 Tutor LMS – eLearning and online course solution <= 3.8.3 - Missing Authorization to Unauthenticated Payment Status Update
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check while verifying webhook signatures on the "verifyAndCreateOrderData" function in all versions up to, and including, 3.8.3. This makes it...
EUVD-2025-35913
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check while verifying webhook signatures on the "verifyAndCreateOrderData" function in all versions up to, and including, 3.8.3. This makes it...
EUVD-2025-33722
Stored HTML injection in RISE Ultimate Project Manager & CRM allows authenticated users to inject arbitrary HTML into invoices and messages. Injected content renders in emails, PDFs, and messaging/chat modules sent to clients or team members, enabling phishing, credential theft, and business emai...
CVE-2025-60378
Stored HTML injection in RISE Ultimate Project Manager & CRM allows authenticated users to inject arbitrary HTML into invoices and messages. Injected content renders in emails, PDFs, and messaging/chat modules sent to clients or team members, enabling phishing, credential theft, and business emai...
EUVD-2015-9365
Malware in sbrugna...
EUVD-2025-27571
Malicious code in bioql PyPI...
EUVD-2025-28650
Malicious code in bioql PyPI...
EUVD-2024-35435
Malicious code in bioql PyPI...
EUVD-2024-33337
Malicious code in bioql PyPI...
EUVD-2022-32050
Malicious code in bioql PyPI...
EUVD-2025-25248
Malicious code in bioql PyPI...
Sendit tricked kids, harvested their data, and faked messages, FTC claims
The Federal Trade Commission FTC has sued Sendit’s parent company, saying it signed up children under 13, collected their personal data, and misled them with fake messages and recurring bills. The lawsuit, filed against the app's owner Iconic Hearts Holdings Inc and CEO Hunter Rice, alleges the...
CVE-2025-59045
Stalwart is a mail and collaboration server. Starting in version 0.12.0 and prior to version 0.13.3, a memory exhaustion vulnerability exists in Stalwart's CalDAV implementation that allows authenticated attackers to cause denial-of-service by triggering unbounded memory consumption through...
CVE-2025-59045
Stalwart is a mail and collaboration server. Starting in version 0.12.0 and prior to version 0.13.3, a memory exhaustion vulnerability exists in Stalwart's CalDAV implementation that allows authenticated attackers to cause denial-of-service by triggering unbounded memory consumption through...
CVE-2025-59045 Stalwart vulnerable to Memory Exhaustion via CalDAV Event Expansion
Stalwart is a mail and collaboration server. Starting in version 0.12.0 and prior to version 0.13.3, a memory exhaustion vulnerability exists in Stalwart's CalDAV implementation that allows authenticated attackers to cause denial-of-service by triggering unbounded memory consumption through...
CVE-2025-59045
CVE-2025-59045 affects Stalwart mail/collaboration server in its CalDAV implementation. Vulnerable in versions 0.12.0 through 0.13.2 due to a memory exhaustion flaw in ArchivedCalendarEventData.expand when processing CalDAV REPORT requests with event expansion (e.g., expanded recurring events). A...
CVE-2025-59045 Stalwart vulnerable to Memory Exhaustion via CalDAV Event Expansion
Stalwart is a mail and collaboration server. Starting in version 0.12.0 and prior to version 0.13.3, a memory exhaustion vulnerability exists in Stalwart's CalDAV implementation that allows authenticated attackers to cause denial-of-service by triggering unbounded memory consumption through...
CVE-2025-59045 Stalwart vulnerable to Memory Exhaustion via CalDAV Event Expansion
Stalwart is a mail and collaboration server. Starting in version 0.12.0 and prior to version 0.13.3, a memory exhaustion vulnerability exists in Stalwart's CalDAV implementation that allows authenticated attackers to cause denial-of-service by triggering unbounded memory consumption through...