PT-2025-49915

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Select-Themes Select Core select-core allows DOM-Based XSS.This issue affects Select Core: from n/a through 2.6...

WordPress plugin Select Core 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

WordPress plugin Select Core 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2025-51695

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a flaw within the MPTCP implementation. Specifically, the rcv mss was not initialized before being used in the tcp send active reset function within mptcp do...

MAL-2025-191016 Malicious code in svelte-autocomplete-select (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9659f91ce1f699661cdedee2d6691f0a4a515b4941511290b0082e5b662a91ea The package svelte-autocomplete-select was found to contain malicious code. Source: ghsa-malware...

fusiongrid (>=1.0.0 <=1.3.2), react-fusiongrid (>=0.1.0 <=1.1.1) +1 more potentially affected by unknown CVE via svelte-autocomplete-select (=1.1.0)

svelte-autocomplete-select NPM version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on svelte-autocomplete-select and may be impacted: - fusiongrid =1.0.0, =0.1.0, =1.1.0, =1.1.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-191016...

Malicious code in svelte-autocomplete-select (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9659f91ce1f699661cdedee2d6691f0a4a515b4941511290b0082e5b662a91ea The package svelte-autocomplete-select was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-199027

Malicious code in svelte-autocomplete-select npm...

CVE-2025-13138 WP Directory Kit <= 1.4.3 - Unauthenticated SQL Injection via select_2_ajax() Function

The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'columnssearch' parameter of the select2ajax function in all versions up to, and including, 1.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

WordPress Select Core plugin < 2.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Select Core versions 2.6...

WordPress Select Core plugin < 2.6 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Select Core versions 2.6...

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2019-19244)

Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, In...

Siemens SIMATIC S7-1500 Use After Free (CVE-2020-11656)

In SQLite through 3.31.1, the ALTER TABLE implementation has a use- after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

Siemens SIMATIC S7-1500 Use After Free (CVE-2021-20227)

A flaw was found in SQLite's SELECT query functionality src/select.c. This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerabilit...

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2019-19923)

flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference or incorrect results. This plugin only works with Tenable.ot. Please visit...

EUVD-2025-95133

Malicious code in selectcaribouz3n npm...

Malicious code in select_caribou_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 850e3b8a4e5790cc4ce8939e03b53c4b4bcc40769152388a1c581ccd4d989d78 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-74271

Malicious code in selectdormousebronze-27 npm...

EUVD-2025-75686

Malicious code in selectaphid-apptea npm...

EUVD-2025-78354

Malicious code in selectladybugz3n npm...