1495 matches found
BELL-CVE-2024-45779
Bulletin has no description...
CVE-2025-26755
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in jgwhite33 WP Airbnb Review Slider wp-airbnb-review-slider allows Blind SQL Injection.This issue affects WP Airbnb Review Slider: from n/a through = 3.9...
CVE-2025-24567
Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster wp-mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through = 1.8.16.0...
CVE-2025-23742
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Podamibe Nepal Podamibe Twilio Private Call podamibe-twilio-private-call allows Reflected XSS.This issue affects Podamibe Twilio Private Call: from n/a through = 1.0.1...
CVE-2025-21337
Windows NTFS Elevation of Privilege Vulnerability...
CVE-2022-45135
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Cocoon.This issue affects Apache Cocoon: from 2.2.0 before 2.3.0. Users are recommended to upgrade to version 2.3.0, which fixes the issue...
CVE-2024-36742
An issue in the oneflow.scatternd parameter OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS when index parameter exceeds the range of shape...
CVE-2024-35576
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formSetIptv...
CVE-2023-34440
An improper input validation flaw was found in UEFI firmware. Some IntelR processors may allow a privileged user to enable privilege escalation via local access...
CVE-2025-21695
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-uart-backlight: fix serdev race The delluartblserdevprobe function calls devmserdevdeviceopen before setting the client ops via serdevdevicesetclientops. This ordering can trigger a NULL pointer dereference in...
go-crypto-winnative BCryptGenerateSymmetricKey memory leak
Calls to cng.TLS1PRF don't release the key handle, producing a small memory leak every time...
CVE-2025-21689
A flaw was found in the quatech2 module in the Linux kernel. An incorrect check for invalid port numbers can cause a NULL pointer dereference and result in a denial of service. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat...
CVE-2025-1147
A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by this vulnerability is the function sanitizer::internalstrlen of the file binutils/nm.c of the component nm. The manipulation of the argument const leads to buffer overflow. The attack can be launched...
BELL-CVE-2025-21685
Bulletin has no description...
CVE-2025-25111
Cross-Site Request Forgery CSRF vulnerability in WP Spell Check WP Spell Check wp-spell-check allows Cross Site Request Forgery.This issue affects WP Spell Check: from n/a through = 9.21...
CVE-2025-22681
Missing Authorization vulnerability in Xfinitysoft Content Cloner super-seo-content-cloner allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Content Cloner: from n/a through = 1.0.1...
CVE-2024-50500
Missing Authorization vulnerability in averta Shortcodes and extra features for Phlox theme auxin-elements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortcodes and extra features for Phlox theme: from n/a through = 2.17.4...
CVE-2025-24602
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP24 WP24 Domain Check wp24-domain-check allows Reflected XSS.This issue affects WP24 Domain Check: from n/a through = 1.10.14...
BELL-CVE-2024-12133
Bulletin has no description...
CVE-2025-22499
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FAKTOR VIER F4 Post Tree f4-tree allows Reflected XSS.This issue affects F4 Post Tree: from n/a through = 1.1.18...