17 matches found
GHSA-4V9X-CQC5-J645
creationtimestamp | type | source
---|---|---
2026-04-24 15:22:27+00:00 | published-proof-of-concept | Telegram/lvQKk-ZCMh3Q3qpeojegtiwsEvYSJJ9oeMubqB3D8wrl-U...
WordPress Community by PeepSo plugin <= 6.4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability discovered by Tieu Pham Trong Nhan - TechlabCorp in WordPress Plugin Community by PeepSo versions <= 6.4.5.0...
CVE-2024-12923 Photo Station
A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: Photo...
CVE-2025-49463
Insufficient control flow management in certain Zoom Clients for iOS before version 6.4.5 may allow an unauthenticated user to conduct a disclosure of information via network access...
app.valuationcontrol:library (>=0.5.8 <=0.5.9), at.aimon.ops:aimon-ops-api (>=0.0.1 <=0.0.2) +2660 more potentially affected by CVE-2025-41232 via org.springframework.security:spring-security-core (>=6.4.0 <=6.4.5)
org.springframework.security:spring-security-core MAVEN version =6.4.0, =0.5.8, =0.0.1, =55.v51410e712e0c, =1.5.4.RELEASE, =1.0.1, =1.0.2, =1.0.4, =1.0.2, =1.0.16, =1.0.2, =1.0.4, =1.10.0, =1.10.0, =1.10.0, =1.15.1 and more Source cves: CVE-2025-41232 Source advisory: OSV:GHSA-9PP5-9C7G-4R83...
Linux Distros Unpatched Vulnerability : CVE-2020-25645
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt...
CVE-2024-47011
Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information...
CVE-2024-47007
A NULL pointer dereference in WLAvalancheService.exe of Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to cause a denial of service...
Ivanti Avalanche Security Vulnerability
Ivanti Avalanche is an enterprise mobile device management system from Ivanti, USA. The system is primarily used to manage devices such as smartphones, tablets and barcode scanners. A security vulnerability exists in Ivanti Avalanche versions prior to 6.4.5. An attacker exploiting this...
Ivanti Avalanche Security Vulnerability
Ivanti Avalanche is an enterprise mobile device management system from Ivanti, USA. The system is primarily used to manage devices such as smartphones, tablets and barcode scanners. A security vulnerability exists in Ivanti Avalanche versions prior to 6.4.5. An attacker exploiting this...
PT-2024-6879 · Ivanti · Ivanti Avalanche
Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche versions prior to 6.4.5 Description: The issue is related to a path traversal vulnerability that allows a remote unauthenticated attacker to bypass authentication. This is due to incorrect restriction of the path name to a...
PT-2023-29328
Name of the Vulnerable Software and Affected Versions: Perfect Images Manage Image Sizes, Thumbnails, Replace, Retina versions through 6.4.5 Description: The issue is related to Exposure of Sensitive Information to an Unauthorized Actor. This allows unauthorized access to sensitive information...
WordPress plugin WP Retina 2x Information Disclosure Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. An information disclosure...
CVE-2023-34030
Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Complianz, Really Simple Plugins Complianz Premium allows Cross-Site Request Forgery. This issue affects Complianz: from n/a through 6.4.5; Complianz Premium: from n/a through 6.4.7...
PT-2023-24646 · Really Simple Plugins · Really Simple Plugins Complianz Premium +1
Name of the Vulnerable Software and Affected Versions: Really Simple Plugins Complianz versions through 6.4.5; Really Simple Plugins Complianz Premium versions through 6.4.7 Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Complianz and Really Simp...
Fortinet FortiClient Code Injection Vulnerability
Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. A security vulnerability exists in FortiClientMacOS...
Cisco Wide Area Application Services Security Vulnerability
Cisco Wide Area Application Services (WAAS) is a comprehensive WAN optimization solution that improves the performance of applications running in WAN environments, delivers video to branch offices and locally hosts branch office IT services. An information disclosure vulnerability exists in Cisco...