13 matches found
CVE-2026-57331
Performer Arbitrary File Deletion in Paid Videochat Turnkey Site = 7.4.8 versions...
Fortinet FortiOS 缓冲区错误漏洞
Fortinet FortiOS is a security operating system developed by Fortinet Corporation, specifically for use on the FortiGate network security platform. This system provides users with various security features, including firewalls, antivirus protection, IPSec/SSLVPN, web content filtering, and...
CVE-2026-0738 Shortcodes Ultimate <= 7.4.8 - authenticated (Contributor+) Stored Cross-Site Scripting via 'su_carousel' Shortcode
The WP Shortcodes Plugin - Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the sucarousel shortcode in all versions up to, and including, 7.4.8. This is due to insufficient input sanitization and output escaping in the 'suslidelink' attachment meta field...
CVE-2022-26748
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing maliciously crafted web content may lead to arbitrary code execution...
EUVD-2025-34248
An Unchecked Return Value vulnerability CWE-252 in Fortinet FortiOS version 7.6.0 through 7.6.3 and before 7.4.8 API allows an authenticated user to cause a Null Pointer Dereference, crashing the http daemon via a specialy crafted request...
CVE-2025-58903
An Unchecked Return Value vulnerability CWE-252 in Fortinet FortiOS version 7.6.0 through 7.6.3 and before 7.4.8 API allows an authenticated user to cause a Null Pointer Dereference, crashing the http daemon via a specialy crafted request...
EUVD-2025-24461
Malicious code in bioql PyPI...
CVE-2022-45748
creationtimestamp| type| source ---|---|--- 2025-04-03 15:34:57+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/10246...
CVE-2023-37482
The login functionality of the web server in affected devices does not normalize the response times of login attempts. An unauthenticated remote attacker could exploit this side-channel information to distinguish between valid and invalid usernames...
WordPress Bread & Butter plugin <= 7.4.857 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Bread & Butter versions = 7.4.857...
PMB security breach
PMB is a 100% free document management reference tool from the PMB Services team. A security vulnerability exists in PMB version v.7.4.8, which originates from a vulnerability that allows remote attackers to execute arbitrary code and escalate privileges by uploading the startimport.php file...
CVE-2022-31748
Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon Coppeard, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited ...
CVE-2022-25748
creationtimestamp| type| source ---|---|--- 2022-10-19 14:15:23+00:00| seen| https://t.me/cibsecurity/51765...