78 matches found
CVE-2025-10327 MiczFlor RPi-Jukebox-RFID shuffle.php os command injection
A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/api/playlist/shuffle.php. Executing manipulation of the argument playlist can lead to os command injection. The attack can be launched remotely...
CVE-2025-10327
CVE-2025-10327 affects MiczFlor RPi-Jukebox-RFID up to version 2.8.0. The vulnerability is an OS command injection in the shuffle.php endpoint located at /htdocs/api/playlist/shuffle.php, triggered by manipulating the playlist argument. It is exploitable remotely and public proofs of concept exis...
Linux Distros Unpatched Vulnerability : CVE-2023-34453
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing a...
IDCloak: a Practical Secure Multi-Party Dataset Join Framework for Vertical Privacy-Preserving Machine Learning
Vertical privacy-preserving machine learning vPPML enables multiple parties to train models on their vertically distributed datasets while keeping datasets private. In vPPML, it is critical to perform the secure dataset join, which aligns features corresponding to intersection IDs across datasets...
CVE-2024-56375
An integer underflow was discovered in Fort 1.6.3 and 1.6.4 before 1.6.5. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a Manifest RPKI object containing an empty fileList. Fort dereferences and, shortly afterwards, writes to this array during a...
CVE-2023-25674
TensorFlow is an open source machine learning platform. Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled. A fix is included in TensorFlow 2.12.0 and 2.11.1...
Differential Privacy for Network Assortativity
The analysis of network assortativity is of great importance for understanding the structural characteristics of and dynamics upon networks. Often, network assortativity is quantified using the assortativity coefficient that is defined based on the Pearson correlation coefficient between vertex...
CVE-2025-39591
Missing Authorization vulnerability in WP Shuffle WP Subscription Forms wp-subscription-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscription Forms: from n/a through = 1.2.3...
CVE-2025-39592
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Shuffle Subscribe to Unlock Lite subscribe-to-unlock-lite allows PHP Local File Inclusion.This issue affects Subscribe to Unlock Lite: from n/a through = 1.3.0...
CVE-2025-39591
Missing Authorization vulnerability in WP Shuffle WP Subscription Forms wp-subscription-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscription Forms: from n/a through = 1.2.3...
CVE-2025-30782
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Shuffle Subscribe to Download Lite subscribe-to-download-lite allows PHP Local File Inclusion.This issue affects Subscribe to Download Lite: from n/a through = 1.2.9...
CVE-2025-30782
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Shuffle Subscribe to Download Lite subscribe-to-download-lite allows PHP Local File Inclusion.This issue affects Subscribe to Download Lite: from n/a through = 1.2.9...
CVE-2025-30782
CVE-2025-30782 corresponds to a WordPress vulnerability in the Subscribe to Download Lite plugin (
WordPress Shuffle plugin SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Shuffle plugin suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements. An attacker can exploit this...
CVE-2025-30784
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Shuffle WP Subscription Forms wp-subscription-forms allows SQL Injection.This issue affects WP Subscription Forms: from n/a through = 1.2.3...
CVE-2025-30785
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Shuffle Subscribe to Download Lite subscribe-to-download-lite allows PHP Local File Inclusion.This issue affects Subscribe to Download Lite: from n/a through = 1.2.9...
CVE-2025-28873
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Scott Taylor Shuffle shuffle allows Blind SQL Injection.This issue affects Shuffle: from n/a through = 0.5...
CVE-2025-30784
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Shuffle WP Subscription Forms wp-subscription-forms allows SQL Injection.This issue affects WP Subscription Forms: from n/a through = 1.2.3...
CVE-2025-30785
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Shuffle Subscribe to Download Lite subscribe-to-download-lite allows PHP Local File Inclusion.This issue affects Subscribe to Download Lite: from n/a through = 1.2.9...
CVE-2025-30785
CVE-2025-30785 corresponds to a local file inclusion in the WordPress plugin Subscribe to Download Lite. The weakness arises from improper control of filename in an include/require statement (PHP). The vulnerable condition is authenticated access (Contributor+) and is tied to the Subscribe to Dow...