CEWE Photoshow 安全漏洞

CEWE Photoshow is a multimedia presentation software developed by the British company CEWE, designed for browsing and displaying photo content. Version 6.3.4 of CEWE Photoshow contains a security vulnerability. This vulnerability stems from a buffer overflow in the login dialog box, which could...

CVE-2019-25260

OXID eShop versions 6.x prior to 6.3.4 contains a SQL injection vulnerability in the 'sorting' parameter that allows attackers to insert malicious database content. Attackers can exploit the vulnerability by manipulating the sorting parameter to inject PHP code into the database and execute...

CVE-2025-60081

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Contact Form 7 pdf-for-contact-form-7 allows Object Injection.This issue affects PDF for Contact Form 7: from n/a through = 6.5.0...

CVE-2025-60081 WordPress PDF for Contact Form 7 plugin <= 6.5.0 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Contact Form 7 pdf-for-contact-form-7 allows Object Injection.This issue affects PDF for Contact Form 7: from n/a through = 6.5.0...

PT-2025-52139

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Contact Form 7 pdf-for-contact-form-7 allows Object Injection.This issue affects PDF for Contact Form 7: from n/a through = 6.3.4...

WordPress ShortPixel Image Optimizer plugin <= 6.3.4 - Authenticated (Contributor+) Settings Import/Export vulnerability

Authenticated Contributor+ Settings Import/Export vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin ShortPixel Image Optimizer versions = 6.3.4...

PT-2025-38951

Name of the Vulnerable Software and Affected Versions Awesome Support versions through 6.3.4 Description The software contains a flaw due to deserialization of untrusted data, which allows for object injection. Recommendations Update Awesome Support to a version later than 6.3.4...

WordPress plugin Awesome Support 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

PT-2025-36773

Name of the Vulnerable Software and Affected Versions: Awesome Support versions through 6.3.4 Description: A missing authorization flaw exists in Awesome Support. The issue potentially exposes low-confidentiality data. Recommendations: Update Awesome Support to a version newer than 6.3.4, if...

PT-2024-23781

Name of the Vulnerable Software and Affected Versions WordPress versions 5.9 through 5.9.9 WordPress versions 6.0 through 6.0.8 WordPress versions 6.1 through 6.1.6 WordPress versions 6.2 through 6.2.5 WordPress versions 6.3 through 6.3.4 WordPress versions 6.4 through 6.4.4 WordPress versions 6....

CVE-2023-41171

NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability issue 3 of 4...

CVE-2023-41169

NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability issue 2 of 4...

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. An out-of-bounds read vulnerability exists in versions of Linux kernel prior to 6.3.4, which stems from fs/ksmbd/smb2pdu.c not properly checking the UserName value, and can be...

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in versions of Linux kernel prior to 6.3.4, which stems from an out-of-bounds read by ksmbd in smb2findcontextvals when the namelen of...

SUSE CVE-2023-24607

Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3...

PT-2023-4753 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.3.4 Description: The issue is related to a use-after-free problem in the r592 remove function of the Linux kernel's r592 device driver. This can lead to a race condition, potentially causing system crashes or...

TYPO3 访问控制错误漏洞

TYPO3 is a free and open source content management system framework CMS/CMF from the TYPO3 Association in Switzerland. A security vulnerability exists in TYPO3 version 5.5.3, version 6.x up to and including version 6.3.4, and version 7.x up to and including version 7.1.0, which stems from a lack ...

CVE-2019-14765

Incorrect Access Control in AfficheExplorateurParam in DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to use administrative controllers...

CVE-2017-18084

The usermacros resource in Atlassian Confluence Server before version 6.3.4 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability through the description of a macro...

PT-2011-1487 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.34 Description: The issue is related to the socket implementation in the Linux kernel, which does not properly manage a backlog of received packets. This allows remote attackers to cause a denial of service ...