EUVD-2026-29938

The RTMKit Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the savewidget and resetallwidgets functions in all versions up to, and including, 2.0.2. This makes it possible for authenticated attackers, with Author-lev...

PT-2026-40595

The RTMKit Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the save widget and reset all widgets functions in all versions up to, and including, 2.0.2. This makes it possible for authenticated attackers, with...

CVE-2019-25554 Tomabo MP4 Converter 3.25.22 Denial of Service via Name Field

Tomabo MP4 Converter 3.25.22 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can trigger a buffer overflow by pasting a large payload into the Name parameter when adding a preset i...

CVE-2019-25554 Tomabo MP4 Converter 3.25.22 Denial of Service via Name Field

Tomabo MP4 Converter 3.25.22 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can trigger a buffer overflow by pasting a large payload into the Name parameter when adding a preset i...

PT-2026-26899

Tomabo MP4 Converter 3.25.22 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can trigger a buffer overflow by pasting a large payload into the Name parameter when adding a preset i...

EUVD-2025-34976

The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /filebird/v1/fb-wipe-clear-all-data function in all versions up to, and including, 6.4.9. This makes it possible for...

CVE-2022-29414

Multiple 13x Cross-Site Request Forgery CSRF vulnerabilities in WPKube's Subscribe To Comments Reloaded plugin mass update settings, manage subscriptions add a new subscription, update subscription, delete Subscription...

USN-942-1: PostgreSQL vulnerabilities

It was discovered that the Safe.pm module as used by PostgreSQL did not properly restrict PL/perl procedures. If PostgreSQL was configured to use Perl stored procedures, a remote authenticated attacker could exploit this to execute arbitrary Perl code. CVE-2010-1169 It was discovered that...

PostgreSQL RESET ALL操作不安全权限检查漏洞

BUGTRAQ ID: 40304 CVE ID: CVE-2010-1975 PostgreSQL是一款高级对象－关系型数据库管理系统，支持扩展的SQL标准子集。 PostgreSQL在执行某些RESET ALL操作期间没有正确地执行权限检查，通过认证的远程用户可以通过ALTER USER或ALTER DATABASE语句删除任意参数设置。 PostgreSQL 8.4 PostgreSQL 8.3 PostgreSQL 8.2 PostgreSQL 8.1 PostgreSQL 8.0 PostgreSQL 7.4 厂商补丁： PostgreSQL ----------...

CVE-2010-1975

PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, and 8.4 before 8.4.4 does not properly check privileges during certain RESET ALL operations, which allows remote authenticated users to remove arbitrary parameter settings via a 1 ALTER USER ...