CVE-2026-21971

...

HP Integrated Lights-Out Improper Input Validation (CVE-2022-28627)

A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability...

CVE-2025-62074

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Amauri WPMobile.App wpappninja.This issue affects WPMobile.App: from n/a through = 11.71...

EUVD-2025-38043

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Amauri WPMobile.App wpappninja.This issue affects WPMobile.App: from n/a through = 11.71...

CVE-2025-62074

CVE-2025-62074 corresponds to an Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in the WordPress WPMobile.App plugin (wpappninja), affecting versions up to and including 11.71. The issue arises from improper input handling during web page generation. Public sources in Connected d...

CVE-2025-62074 WordPress WPMobile.App plugin <= 11.71 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Amauri WPMobile.App wpappninja.This issue affects WPMobile.App: from n/a through = 11.71...

Linux Distros Unpatched Vulnerability : CVE-2019-11756

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. This vulnerability affects...

CVE-2022-44671

creationtimestamp| type| source ---|---|--- 2025-07-22 17:33:25+00:00| seen| Telegram/rnR1R61tT5mvS6qQMkmJFXNsV1ibu3Czk5iFxOj67V6tqTs...

CVE-2025-30171 Admin Authorized System File Deletion

System File Deletion vulnerabilities in ASPECT provide attackers access to delete system files if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03...

CVE-2025-20929

Out-of-bounds write in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code...

WordPress IdeaPush plugin <= 8.71 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin IdeaPush versions = 8.71...

CVE-2024-25187

Server Side Request Forgery SSRF vulnerability in 71cms v1.0.0, allows remote unauthenticated attackers to obtain sensitive information via getweather.html...

CVE-2024-25166

Cross Site Scripting vulnerability in 71CMS v.1.0.0 allows a remote attacker to execute arbitrary code via the uploadfile action parameter in the controller.php file...

ESPEC MIC多款产品跨站脚本漏洞

ESPEC MIC RT-12N and others are an environmental sensor from ESPEC MIC. A security vulnerability exists in several ESPEC MIC products, which can be exploited by an attacker to execute arbitrary scripts on a logged-in user's web browser. The following products and versions are affected: ESPEC MIC:...

CVE-2022-27170

creationtimestamp| type| source ---|---|--- 2023-02-17 00:12:45+00:00| seen| https://t.me/cibsecurity/58397...

SUSE CVE-2019-17011

Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a race condition could cause a use-after-free condition and a potentially exploitable crash. This vulnerability affects Thunderbird 68.3, Firefox ESR 68.3, and Firefox 71...

SUSE CVE-2019-17012

Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird 68.3,...

SUSE CVE-2019-17013

Mozilla developers reported memory safety bugs present in Firefox 70. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 71...

CVE-2022-47195

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this...

PT-2022-34816 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.71 Description: The issue concerns the denial of offload of tc-based TSN features on VF interfaces. It was introduced in version v5.5 and fixed in version v5.15.71. The actual impact and attack plausibilit...