7895 matches found
CVE-2024-13381 Calculated Fields Form < 5.2.62 - Admin+ Stored XSS
The Calculated Fields Form WordPress plugin before 5.2.62 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
PT-2025-18466
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue occurs when the dsa tree setup function fails after successfully probing the last switch in the tree, resulting in a...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unreleased connection when a tlink setup fails, which could lead to a module reference count leak...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from unfree memory in octepdevicesetup, which could lead to a memory leak...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not freeing routing table memory in dsatreesetup...
PT-2025-18497 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A possible name leak issue has been resolved in the Linux kernel, specifically in the tcm loop setup hba bus function. If device register fails, the name allocated by dev set name need...
PT-2025-18489 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel related to the ALSA: usb-audio component. The issue concerns the snd usbmidi output open function, which contains a check for a NU...
CVE-2024-9771
The WP-Recall WordPress plugin before 16.26.12 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
YesWiki Remote Code Execution via Arbitrary PHP File Write and Execution
Summary An arbitrary file write can be used to write a file with a PHP extension, which then can be browsed to in order to execute arbitrary code on the server. All testing was performed on a local docker setup running the latest version of the application. PoC Proof of Concept Navigate to...
Starfish: Rebalancing Multi-Party Off-Chain Payment Channels
Blockchain technology has revolutionized the way transactions are executed, but scalability remains a major challenge. Payment Channel Network PCN, as a Layer-2 scaling solution, has been proposed to address this issue. However, skewed payments can deplete the balance of one party within a channe...
CVE-2025-0627
The WordPress Tag, Category, and Taxonomy Manager WordPress plugin before 3.30.0 does not sanitise and escape some of its Widgets settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...
CVE-2024-9771
The WP-Recall WordPress plugin before 16.26.12 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2025-0627 AI Autotagger < 3.30.0 - Admin+ Stored XSS
The WordPress Tag, Category, and Taxonomy Manager WordPress plugin before 3.30.0 does not sanitise and escape some of its Widgets settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...
CVE-2024-9771 WP-Recall < 16.26.12 - Admin+ Stored XSS
The WP-Recall WordPress plugin before 16.26.12 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
libxml2 Installed (macOS)
Binary data macoslibxml2installed.nbin...
Exploit for Deserialization of Untrusted Data in Apache Tomcat
CVE-2025-24813 Proof of Concept PoC script for CVE-2025-2481...
CVE-2024-10680
The Form Maker by 10Web WordPress plugin before 1.15.32 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
Exploit for Use of Persistent Cookies Containing Sensitive Information in Palletsprojects Flask
CVE-2023-30861 PoC Proof of Concept ⚠️ 주의 CAUTION...
Exploit for CVE-2025-30208
CVE-2025-30208 & CVE-2025-31125 & CVE-2025-31486 1. Overvie...
CVE-2025-1453
The Category Posts Widget WordPress plugin before 4.9.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...